Skype calls carry an unseen, but crystal-clear danger of leaking your passwords to hackers, say researchers at the University of California, Irvine and in Italy.
We have all been in the scenario where we Skype and our interlocutor types loudly on the keyboard, and it looks like this can be a serious security breach.
Gene Tsudik, professor of computer science at UCI, explains that he had this revelation more than a year ago while participating in a Skype conference.
"I wondered if I could work out what that person is writing?" Tsudik says.
He goes on to add that existing research demonstrates that placing a microphone near another person's keyboard and recording the sound of the keystrokes can yield enough information for you to decode some of the text.
Tsudik points out that the Skype keystrokes were loud and clear, prompting him to look further into the matter.
The resulting study [PDF], which Tsudik is a coauthor of, tapped into smart machine learning and found that should hackers possess the proper information, such as what type of keyboard is in use at the other end of the Skype call, it is easy to determine the keystrokes with a whopping 91.7 percent accuracy.
What is more, you can almost guess the typing content without having information on the person's typing style or keyboard. The algorithm has a chance of identifying the typing content with a 41.89 percent accuracy. It should be mentioned that the English language sports a rather clear distribution of letters, as well as a predictable frequency of the letter. This is why the study takes into account typing in English, but those who type in other languages could be at risk, as well.
On the bright side, Skype calls are encrypted, which means that chances of malicious users tapping into your call are virtually nonexistent. This should lower the number of such exploits, but Tsudik warns that some unwanted scenarios are still possible.
He affirms that in some video calls, the parties involved are not as trustworthy as you would think.
"That might be politicians or commercial rivals having a teleconference, for example," Tsudik exemplifies.
He urges Skype users to consider the possibility that the person on the other line could make use of high-end algorithms to "audio-read" your typing.
The message is pretty straightforward: regardless if it is passwords or confidential messages you are typing when Skyping, postpone entering them into your keyboard while you are having a voice call. It may just save your privacy.
It is not the first time this year when Skype was shown to have security liabilities. In February, the T9000 Trojan demonstrated it can bypass antivirus software and tap into Skype conversations.