Thanks to Entrust's identity blog for pointing us to this website describing research by Li Zhuang, Feng Zhou, and J. D. Tygar on the privacy of typed material in the presence of microphones. The site contains links to their paper, and will shortly be supplemented with raw versions of their experimental data and setup. Note that it will be changing its URL to keyboard-emanations.org.
We show that using a generic microphone, we can successfully recover almost all text typed on standard keyboards. Unlike previous research our method works even if we have no information about the typist, the keyboard, and no “training data” (examples of the typist typing known text). Simply put a microphone in a room with a typist, record 10 minutes of data, and our algorithms recover the typed text … including arbitrary text, such as passwords. Our work breaks even “quiet” keyboards that are designed not make sounds. Our results suggest that recovery is possible even if microphones are outside the room (using parabolic microphones).
Paper: Keyboard Acoustic Emanations Revisited (to appear at the November 2005 ACM Conference on Computer and Communications Security)