Researchers have developed two new techniques for stealing data from a computer that use some unlikely hacking tools: cameras and telescopes.

In two separate pieces of research, teams at the University of California, Santa Barbara, and at Saarland University in Saarbrucken, Germany, describe attacks that seem ripped from the pages of spy novels. In Saarbrucken, the researchers have read computer screens from their tiny reflections on everyday objects such as glasses, teapots, and even the human eye. The UC team has worked out a way to analyze a video of hands typing on a keyboard in order to guess what was being written.

Computer security research tends to focus on the software and hardware inside the PC, but this kind of "side-channel" research, which dates back at least 45 years, looks at the physical environment. Side-channel work in the U.S. was kicked off in 1962 when the U.S. National Security Agency discovered strange surveillance equipment in the concrete ceiling of a U.S. Department of State communications room in Japan and began studying how radiation emitted by communication components could be intercepted.

Much of this work has been top secret, such as the NSA's Tempest program. But side-channel hacking has been in the public eye too.

In fact, if you've seen the movie "Sneakers," then the University of California's work will have a familiar ring. That's because a minor plot point in this 1992 Robert Redford film about a group of security geeks was the inspiration for their work.

In the movie, Redford's character, Marty Bishop, tries to steal a password by watching video of his victim, mathematician Gunter Janek, as he enters his password into a computer. "Oh, this is good," Redford says, "He's going to type in his password and we're going to get a clear shot"

Redford's character never does get his password, but the UC researchers' Clear Shot tool may give others a fighting chance, according to Marco Cova, a graduate student at the school.

Clear Shot can analyze video of hand movements on a computer keyboard and transcribe them into text. It's far from perfect -- Cova says the software is accurate about 40 percent of the time -- but it's good enough for someone to get the gist of what was being typed.

The software also suggests alternative words that may have been typed and more often then not the real word is in the top five suggestions provided by Clear Shot, Cova said.

Clear Shot works with an everyday Web cam, but the Saarland University team has taken thing up a notch, training telescopes on a variety of targets that just might happen to catch a computer monitor's reflection: teapots, glasses, bottles, spoons, and even the human eye.

The researchers came up with this idea during a lunchtime walk about nine months ago, said Michael Backes, a professor at Saarland's computer science department. Noticing that there were a lot of computers to be seen in campus windows, the researchers got to thinking. "It started as a fun project," he said. "We thought it would be kind of cute if we could look at what these people are working on."

It turned out that they could get some amazingly clear pictures. All it took was a US$500 telescope trained on a reflective object in front of the monitor. For example, a teapot yielded readable images of 12 point Word documents from a distance of 5 meters (16 feet). From 10 meters, they were able to read 18 point fonts. With a US$27,500 Dobson telescope, they could get the same quality of images at 30 meters.

Backes said he's already demoed his work for a government agency, one that he declined to name. "It was convincing to these people," he said.

That's because even though the reflections are tiny, the images are much clearer than people expect. Often, first time viewers think they're looking at the computer screen itself rather than a reflection, Backes said.

One of his favorite targets is a round teapot. Looking at a spoon or a pair of glasses, you might not get a good view of the monitor, but a spherical teapot makes a perfect target. "If you place a sphere close by, you will always see the monitor," he said. "This helps; you don't have to be lucky."

The Saarland researchers are now working out new image analysis algorithms and training astronomical cameras on their subjects in hopes of getting better images from even more difficult surfaces such as the human eye. They've even aimed their telescopes and cameras at a white wall and have picked up readable reflections from a monitor 2 meters from the wall.

Does Backes think that we should really be concerned about this kind of high tech snooping? Maybe, just because it's so cheap and easy to do. He said he could see some people shelling out the US$500 for a telescope just to try it out on their neighbors.

So how to protect yourself from the telescopic snooper? Easy. "Closing your curtains is maybe the best thing you can do," he said.