Wednesday, January 14, 2015

So much for wireless keyboards

For years I've refused to use wireless keyboards because I believed their signals could be intercepted and decoded by keylogging software.  Turns out I was right.

If you use a wireless keyboard you may be broadcasting everything you type to hackers – from passwords to credit cards numbers and private emails - as a researcher shows how a homemade bugging device can be made for just £6 [less than US $10].

The creator of the listening device – who has also built a predatory drone which chases and hacks into other drones - has posted a list of components, instructions and source code online to allow anyone to make their own.

The KeySweeper can collect every keystroke made on a nearby keyboard locally and also beams it back to the attacker who placed it via a small chip which acts like a mobile phone.

. . .

Perhaps the most dangerous feature is that it can be made to send an SMS alert to the attacker if a certain combination of letters is detected. It could, for instance, watch for the website address of an online bank and alert the attacker that a password and username is likely to be typed in shortly.

There's more at the link.

Here at home, all the stand-alone keyboards used by Miss D. and I are connected to our computers by USB cables.  I strongly recommend that if you use wireless keyboards, you should switch to the older wired technology.  It's not difficult for someone to intercept your keyboard's signals - and if you type things like intimate personal information or do online banking or payments, the snooper can find out everything needed to steal your identity and misuse your accounts.



Travis McHenry said...

My logitech keyboard (K800) had me go through a setup process to enable encryption. So... it WOULD be quite difficult for someone to make sense of my keyboard's signals.

Borepatch said...

Remember, the attacker needs physical access or proximity

Rev. Paul said...

Well, isn't THAT exciting ... not. Okay, back to USB we go.

Mark Matis said...

Understand that, even if you ARE using a wired keyboard, your keystrokes can be intercepted anyway. If you are using Microsoft, Apple, or Google software, there are backdoors built into same to give the FedPigs access to your computer as root WITHOUT your knowledge. Of course, EVERY Fed who knows about such access is beyond honest, so you should have NO concern about them letting ne-er-do-wells have access for 30 pieces of silver.

And even if you are NOT one of the Right People, you should have NO concern about the Federal Government misusing that capability against you. I'm sure it's just a coincidence that file was placed on Sharyl Attkisson's computer. Must have been done by somebody NOT in the government.

They have the capability to monitor ANY keystrokes on computers running such software, REGARDLESS of whether or not those keystrokes are encrypted. They can read any file on the machine. And they can write any file TO the machine. Totally without your knowledge.

bmq215 said...

Borepatch is right. The arduino-based attack, or anything else short of ultra-expensive signal snooping equipment, has to be very close. If someone can get that close then it's just as easy, if not easier, to intercept signals from wired keyboards. There are numerous hardware and software methods of doing so and some are nearly undetectable if you don't closely scrutinize your computer's innards on a regular basis. As Travis pointed out, wireless keyboards may actually be safer since they rely on less well-known protocols and in some cases include encryption.

Anonymous said...

From the article:

Thorsten and Max discovered the keystrokes are simply encrypted (xor'd) with the MAC address in ECB mode, which we are able to sniff after using Travis' method of abusing the nRF24L01+ to both sniff and reveal MAC addresses. This "encryption" is the equivalent of taking a deck of cards, cutting it once, and calling it shuffled.

Essentially, the "encryption" stops only someone who doesn't want to look anyway.

-- Steve

Travis McHenry said...

The encryption logitech uses is AES 128bit symmetric key encryption. Not ECB and not using the MAC address.

For more info: