Audio Eavesdropping Exploit Might Make That Clicky Keyboard Less Cool

Despite their claims of innocence, we all know that the big tech firms are listening to us. How else to explain the sudden appearance of ads related to something we’ve only ever spoken about, seemingly in private but always in range of a phone or smart speaker? And don’t give us any of that fancy “confirmation bias” talk — we all know what’s really going on.

And now, to make matters worse, it turns out that just listening to your keyboard clicks could be enough to decode what’s being typed. To be clear, [Georgi Gerganov]’s “KeyTap3” exploit does not use any of the usual RF-based methods we’ve seen for exfiltrating data from keyboards on air-gapped machines. Rather, it uses just a standard microphone to capture audio while typing, building a cluster map of the clicks with similar sounds. By analyzing the clusters against the statistical likelihood of certain sequences of characters appearing together — the algorithm currently assumes standard English, and works best on clicky mechanical keyboards — a reasonable approximation of the original keypresses can be reconstructed.

If you’d like to see it in action, check out the video below, which shows the algorithm doing a pretty good job decoding text typed on an unplugged keyboard. Or, try it yourself — the link above implements KeyTap3 in-browser. We gave it a shot, but as a member of the non-mechanical keyboard underclass, it couldn’t make sense of the mushy sounds it heard. Then again, our keyboard inferiority affords us some level of protection from the exploit, so there’s that.

Editors Note: Just tried it on a mechanical keyboard with Cherry MX Blue switches and it couldn’t make heads or tails of what was typed, so your mileage may vary. Let us know if it worked for you in the comments.

What strikes us about this is that it would be super simple to deploy an exploit like this. Most side-channel attacks require such a contrived scenario for installing the exploit that just breaking in and stealing the computer would be easier. All KeyTap needs is a covert audio recording, and the deed is done.

Continue reading “Audio Eavesdropping Exploit Might Make That Clicky Keyboard Less Cool”

A Microwave Repair Even Mechanical Keyboard Fans Will Love

Microwave oven design and manufacturing have been optimized to the point where the once-expensive appliances are now nearly disposable. Despite the economics, though, some people can’t resist fixing stuff, especially when you get a chance to do it in style. Thus we present this microwave repair with its wholly unnecessary yet fabulous adornments.

The beginning of the end for [dekuNukem]’s dirt cheap second-hand microwave started where many of the appliances begin to fail first — the membrane keyboard. Unable to press the buttons reliably anymore, [dekuNukem] worked out the original keypad’s matrix wiring arrangement and whipped up a little keypad from some pushbutton switches and a scrap of perfboard. Wired into the main PCB, it was an effective and cheap solution, if a bit on the artless side.

To perk things up a bit, [dekuNukem] turned to duckyPad, a hot-swappable macropad with mechanical switches and, of course, RGB LEDs. Things got interesting from here; since duckyPad outputs serial data, an adapater was needed inside the microwave. An STM32 microcontroller and a pair of ADG714 analog switches did the trick, with power pulled from the original PCB.

The finished repair is pretty flashy, and [dekuNukem] now has the only microwave in the world with a clicky keypad. And what’s more, it works.

Continue reading “A Microwave Repair Even Mechanical Keyboard Fans Will Love”

Clicky Signspinner Works Just Like A Retractable Pen

[u407]’s 3D printed Signspinner was created as a clean/dirty indicator for a dishwasher, and at its heart is a mechanism that works a lot like that of a retractable ballpoint pen. Every click of the plunger spins the circular label inside by one-quarter of a rotation. In [u407]’s case it only needs to alternate between showing “clean” and “dirty”, but there are in fact four total label positions.

The entire mechanism including the spring is 3D printed, but the spring is PETG and the rest is PLA. [u407] doubts PLA would work for the spring because of how much it gets compressed, but suggests that ABS might work as an alternative.

If you’re having trouble visualizing how this mechanism works, we covered [Bill Hammack] explaining exactly how retractable ballpoint pens work which should make it perfectly clear. It’s fundamentally the same principle.

[via Reddit]