My uncle was a career NSA man. In the 1970s, his job (I learned decades later) was to modify and maintain all the typewriters in the White House so their keystrokes couldn't be used to identify what was being typed on them. Presumably the concern was that something like a Buran eavesdropping system could be used to detect vibrations in windows, and the sound of the typewriter keys then extracted and analyzed to recover the text.
My grandfather (also career NSA) used to tell me that it would seem like fiction if people knew some of the things that technology and a good cryptanalyst could do. I think he was right.
"his job (I learned decades later) was to modify and maintain all the typewriters in the White House so their keystrokes couldn't be used to identify what was being typed on them."
How would you do that? Soundproofing? Delay on the mechanical action? What is the fingerprint that allows transcription of a sound sample?
If I was given this job, not knowing anything about typewriters or spying, my first plan would be to modify all typewriters regularly by switching parts around according to a random draw, and also by rejigging any calibration settings (individual letter height, etc). This would modify both the sound of the typewriters and the fingerprints of the actual typed output [1].
This way, there would never be a per-typewriter profile, because all machines are randomised every week. Obviously, I'd also have a white-room analysis team checking whether the scheme works.
Maybe someone who knows more about typewriters could tell me whether this would work at all, or there is a fatal flaw.
It's pretty interesting. It's an algorithm which, given a recording of you typing out several HN comments, can generate an acoustic profile of how you type on your particular keyboard. By assuming that you're typing English, it can infer what words you're typing based on its rough guess, and then it can train itself to recognize keystroke sounds that it previously got wrong. After a few times of doing this, it claims to be accurate enough to recover your passwords from a recording of you typing them in.
Some of the previous work on this involving timing attacks against SSH [1] is particularly interesting because it's so obvious in retrospect, but no one saw it when SSH was being designed.
fwiw, when i used to work in finance, the team i was in used to handle very sensitive market-moving data. one day, without warning, all of the offices keyboards and mouse where changed to "more secure hardware/peripherals" by orders of the cio and its staff. this was in 06/07, at the time i thought they were paranoid - now i think otherwise.
i remember all wireless devices were made wired, all keyboards where non-mechanical, very simple/traditional layout (no multimedia keys, etc) and no usb interface. i'm sure there was more to it, but that is all i saw/remember.
This is a very old idea. I recall that in the 1987 book "Spycatcher" Peter Wright wrote about listening to typewriter keystrokes through a microphone bug in some embessy. He was the head scientist in British intelligence and the book caused a bit of a stir at the time, being the subject of censorship attempts. I think this audio bugging of keystroakes may go back to the 1960's.
I wonder how well this would work for really fast (150WPM+) typists, since at that speed the keys are often being hit simultaneously by many fingers and it becomes much harder to distinguish the individual sounds. The spacebar still remains distinct-sounding, however.
My grandfather (also career NSA) used to tell me that it would seem like fiction if people knew some of the things that technology and a good cryptanalyst could do. I think he was right.