Well, I just noticed that we don't have any article on social engineering or similar attacks, which are not about hard coding skills or exploitation skills but rather about your awareness of tools and understanding of common human mistakes. I was thinking about writing on something that few people are aware of, and came up with the idea for this article.
Whenever you type something on a keyboard, some thermal residue is left behind, which can be detected by a thermal (infrared) camera!
Note: Though a University of California, Irvine (UCI) team recently named such attacks Thermanator, these attacks have existed for a long time.
At the USENIX Security Symposium in 2011, researchers Keaton Mowery, Sarah Meiklejohn and Stefan Savage from the University of California at San Diego presented their paper "Heat of the Moment: Characterizing the Efficacy of Thermal Camera-Based Attacks." It covers experiments done to check the accuracy of such attacks.
The main point here is that plastic and rubber pads are vulnerable to such attacks, while metallic ones are safe (because in metal the heat flows to other parts immediately).
You can read the above PDF carefully; everything is mentioned there (that study covers plastic and metal; rubber is not included). The pressure with which the participant pressed the button and his body pressure also varied the result. Also note that on plastic pads it was even possible to detect the order in which the buttons were pressed (not just which buttons were pressed) because of the difference in the radiation emitted by the buttons. It also depends on when the attacker performs the attack. Say you pressed the buttons and handed the keypad to the attacker, and just 10 seconds have passed since the presses: the attacker will have a clearer picture of the radiation (of course, the intensity of the emitted heat keeps falling with time). When the elapsed time reached 45 seconds, the success rate of predicting the correct PIN fell to 60%.
However, one recent piece of research demonstrated that 30 seconds is a window within which the attack is quite effective!
NOTE: This is the reason why modern ATM machines have metallic keypads!
Such attacks are easily possible on rubber and plastic pads, and you must be aware of them.
Above image shows thermal radiation after pressing the buttons of a door lock!
Above image shows thermal radiation after pressing the buttons of a payment terminal!
Note: You can't see infrared with your normal cameras. Normal cameras have IR-blocking filters on the sensor, and even if you modify a camera to remove these filters you cannot see much IR with it (the infrared spectrum varies a lot). For accuracy and experiments you need a thermal imaging camera such as the FLIR ONE, a Seek thermal imaging camera, etc.!
There are several thermal cameras that can do the task. In fact, FLIR even launched a special cover case for the iPhone 5s which has a thermal camera to read infrared. Such devices may create more problems in daily life: even if someone is carrying one in a shop or another place, people might not notice that the guy's phone can catch your password (say, an ATM PIN) after you have left.
Above image shows the FLIR ONE Thermal Imaging Camera Case for iPhone 5s
Note: Such attacks are improving with time. At the ACM CHI Conference on Human Factors in Computing Systems, 2017, a somewhat better version of the attack was demonstrated. It's quite a lengthy video: https://www.youtube.com/watch?v=QFQlCwtybqo . Let me mention some of the important points of this demonstration here:
Duplicate and Overlaps
As explained earlier, the attack becomes harder as time elapses, because the heat intensity keeps falling.
Duplicates make the PINs less secure
Overlaps make the patterns more secure.
Most of what these guys found in their research is, in a way, what we could visualise ourselves.
Note: There are far more advanced password-grabbing attacks related to mechanical vibrations, electromagnetic emanations, etc. We will see many advanced attacks later, especially when we study air-gap attacks!
From the above results you can conclude what type of passwords or patterns you should choose to stay safe from such attacks. When using keypads made of plastic or rubber, you should try to place your fingers on other buttons as well while entering your pass, so that the heat emission becomes confusing for the attacker.
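
To put a number on the advice above about touching other buttons, here is an added example (not from this article or the cited papers) that counts how many PINs remain consistent with a set of warm keys, with and without decoy touches. It assumes the observer knows the PIN length and learns only which keys are warm, not their order; the PIN and decoy keys are constructed sample values.

```python
from math import comb

def exact_cover_count(pin_len: int, keys: int) -> int:
    """Count sequences of length pin_len that use each of `keys` keys at
    least once (inclusion-exclusion over the keys left unused)."""
    return sum((-1) ** j * comb(keys, j) * (keys - j) ** pin_len
               for j in range(keys + 1))

def candidate_space(pin: str, decoys: str = "") -> dict:
    """Compare the PINs an observer must consider with and without decoys.

    Assumed model: the observer knows len(pin) and sees only the set of
    warm keys, with no ordering information.
    """
    warm = set(pin) | set(decoys)
    n, w = len(pin), len(warm)
    extra = set(decoys) - set(pin)        # decoy keys that are not PIN digits
    return {
        "warm_keys": "".join(sorted(warm)),
        # Observer assumes every warm key belongs to the PIN.
        "if_all_warm_keys_are_real": exact_cover_count(n, w),
        # Observer allows for decoys: any sequence over the warm keys.
        "if_decoys_are_possible": w ** n,
        # With decoys present, the first assumption rules out the true PIN.
        "true_pin_in_first_set": not extra,
    }

if __name__ == "__main__":
    # Constructed sample values, not taken from any study.
    for pin, decoys in [("2580", ""), ("2580", "147")]:
        print(pin, repr(decoys), candidate_space(pin, decoys))
```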