In the real world, if you have compromised someone's phone and have access to their key strokes through bluetooth, why do you need this method at all? Even in some contrived circumstance where it was more feasible, it would probably be better 100% of the time to try to compromise the phone's bluetooth, audio, camera, or wifi capability before targeting the accelerometer and then hoping that they happen to leave their phone close enough to the keyboard and hope that your algorithm can decode keystrokes on a keyboard that it has never heard before, which may also be a type of keyboard that it has not heard before.
All in all, it's a cool experiment which shows that we can do some interesting and non-conventional stuff with accelerometers, but it's not practical in the slightest.
With this kind of stuff and other advances in activity recognition, allowing any app to record anything using the accelerometer might become a privacy threat.
They also use EMF shielding to prevent TEMPEST attacks. Most interesting to me is that they were aware of TEMPEST leakage as early as WWII.
Give it time. A proof of concept does not represent the upper limit of what a technology can do.
(I confess, i haven't read the paper yet)
btw would this work for laptops? wouldn't the signal be a bit different?
Yes, and that's the major problem with its practicality. The researchers had to make use of a long training period on one specific keyboard (I don't believe they specify how many typists were involved in the training process, though). The rub, is that when they take this phone to another keyboard or have another typist at the keyboard, it will need to be trained again, just to reach 80% accuracy. If you want to spy on someone with your phone there are far better/more reliable/efficient ways to do it that do not involve training a machine learning algorithm to process key strokes from a specific keyboard with, at most, a couple of typists on it (hopefully they are all the typists you want). Not to mention what happens if the phone gets moved. A few inches and their training period would probably be borked eight ways to Sunday.
You shouldn't need to train it via this method, you pretty much know exactly how often each letter of the alphabet is used so once you differentiate between keys it's just standard substitution encryption cracking = very easy.
The keyboard type should be irrelevant, if you can uniquely identify keys being pressed it's a easy game over.
That said, there are much easier methods to go about obtaining keystrokes from a victim ...
So we're all going to have to use constantly vibrating keyboards now to fool the accelerometers. Oh great.
It'd be tricky to get enough damping without making the typing action horrible, I think.
It does make me wonder though if the sound of each individual key press is subtle and unique enough to be identified.
Has anyone tried to recover keypresses from a video of someone typing? That would be an interesting challenge, I would think, especially if the video is at a poor angle.