Thermanator: hacking passwords with infrared and AI
Research shows that it is possible to use an infrared camera, supported by AI, to find out what kind of person has typed in: the Thermanator hack.
heat spots
The reason is that our hands are much warmer than the environment. We leave “heat stains” behind, as it were, on everything we touch. So when we type something on a keyboard, there are minimal temperature differences.
We touched the hottest keys the most recently. This even works with our feet. With the help of an infrared camera you can see exactly where someone has just walked. But this can also be done using the keyboard.
It does indeed seem to work. On my CAT s62 Pro smartphone there is a FLIR infrared camera and with that you can indeed see which keys were pressed last. But it takes more to make the Thermanator hack work.
Thermanator: machine learning and artificial intelligence
But even then there are of course quite a few possibilities for potential passwords. After all, it is possible that a certain key has been pressed before, but for a longer period of time. Then this key is still hotter even though it has been longer since it was pressed.
To take these possibilities into account, and to pick the ultimate solution between them, Thermanator uses artificial intelligence. With machine learning, you can at least determine exactly in which order a person has pressed the keys.
Thermanator sometimes retrieves password after a minute
If you make enough infrared recordings of a keyboard where someone has typed a certain text, and run a machine learning algorithm on it, it discovers patterns and can eventually decipher your password.
Depending on the length and quality of the infrared camera, the Thermanator hack allowed the researchers to retrieve the password between 20 seconds and a minute after someone entered it.
