Skip to content

What if you type in your password during a meeting? – Naked Security


In this episode of the Naked Security podcast, hosts Doug Aamoth and Paul Ducklin cover a range of topics, including crocodilian cryptocrime, the BWAIN streak, and the importance of touch-typing. They kick off the episode with a discussion on Tech History, highlighting IBM’s presentation of the Automatic Sequence Controlled Calculator (Mark I) to Harvard University in 1944. Despite its obsolescence, the Mark I played a significant role in computing history.

Moving on to the latest BWAIN, Doug and Paul delve into the Downfall bug caused by memory optimization features in Intel processors. Similar to the previously discussed Zenbleed bug in AMD Zen 2 processors, Downfall allows for the inadvertent leakage of internal state information. The bug occurs due to an instruction called GATHER, which collects data from memory addresses. The hosts emphasize the need for mitigation to countermand the bug, even if it comes at the cost of performance improvements.

The hosts then turn their attention to a research paper on the cybersecurity implications of touch-typing. While recording meetings, there is always a risk of capturing sensitive information. However, the paper explores the possibility of deciphering what individuals are typing based on the distinct sounds produced by different keystrokes. The research suggests that it may be possible to discern passwords and other sensitive information simply by analyzing the sound signatures of keystrokes. The hosts highlight the importance of being cautious when typing during meetings, even if the content being typed may not seem controversial.

Overall, this episode covers a range of intriguing topics in the field of cybersecurity, from historical milestones to the latest bugs and potential risks associated with touch-typing.

Leave a Reply

Your email address will not be published. Required fields are marked *