Slashdot Mirror
Beware the Haunted Cordless keyboard
dr. greenthumb writes "The norwegian newspaper Aftenposten reports about an incident where a computer suddenly seemed to develop a life of its own. A game which the user could not remember using that day suddenly appeared on the screen. When he went over to shut it off the screen displayed a message asking him if he "really wanted to delete this file?"
His computer was receiving keystrokes from another computer (with the same type of wireless keyboard) 150 metres away!
Check out the full story and a follow-up, where experts warns against using wireless keyboards." /me plans to destroy Hemos' sanity...
not all supposedly convenient technologies are necessarily better or more convenient. I like having a cord on my mouse and keyboard because 1) i know it's connected and 2) i know another isn't. Wireless keyboards etc. have no less a security risk involved as would a wireless network. Imagine being logged on as root and having the guy on the floor above you type in rm -rf /. while you hit the bathroom. even if your door is locked, you're still screwed.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
The attitude companies have towards security is appalling. Wireless keyboards have to use strong cryptography or credit card numbers and personal information are being broadcast across the neighborhood. 256 channels isn't going to fix it.
This must violate FCC requirements - you know that text on the bottom of your keyboard and mouse.
Why is Triangle Man so MEAN?
Wireless keyboards have other security issues. Read up on the discussion that took place about this on SecurityFocus: http://online.securityfocus.com/archive/82/173944
WOW ! What kind of keyboard was it ??? My Logitech kb/mouse work AT MOST at 10~15 mts, and only if their batteries are full.
I guess you might have a wireless presentation mouse, i have a gyromouse too, but i find it unlikely that 2 are used in the same office simultaneously.
I have the same trouble with my tv remote. After the wife goes to bed, it turns to the TV-MA flicks on Cinemax and then clicks back to TLC or something whenever she walks in.
I know there are security and other settings that when properly configured will help prevent these mistakes, but just look at the number of unsecured business wireless networks out there that don't even have WEP turned on. Its going to be nasty.
VNC in an office environemnt is a lot of fun with all the Windows users that never notice the little VNC server icon in the 'systray' - right next to their Gator and Bonzi Buddy icons.
I've got the keystrokes down just right
[Ctrl]+[Esc] -> r -> notepad -> Do you want to live, human? -> [F4]
under a second. Leaves the poor things troubeled. Confused. Hungering for the sweet realse of alcohol or a shotgun.
Or just move the mouse subtely when they go to click on somthing.
Of course, don't forget to tell them that it could be Bill Gates fucking with their computer - he's mad that they diden't forward the Windows 95 Beta email. He really wanted to give them $1000 and he's pissed his knickers.
Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.
That's right, WarKeyboarding! Boost the signal of your keyboard, and drive around town attempting to control random computers. Not seeing a screen is kind of difficult, but that's only a minor obstacle. Also use a tuned receiver to listen to keystrokes from around town. Passwords galore!
...I'll procrastinate tomorrow...
My Log?tec keyboard hask been working for the law#tst two years witout any hi19tch.
Finally I'll have a decent excuse why that webpage full of naked women was on the screen when my girlfriend walks into the computer room. "I swear honey, it wasn't me.."
Most wireless keyboards, like garage door openers, have their own unique codes and frequencies built in to them so one cannot interface with another in the same way.
The guy has just probably been netbus'ed, back orificed, etc, or someone's playing pranks on him...
I uLse a LogUitecZh wirEelRess and mYouse. It's beOen happUening Rso muKch laEteYly, I'vSe gotAten uRsed to iEt. ThoRse meddUlinLg kiEds! GooDd thiDng they cOan't tRype as fKast at me.
Today's mice are well known to spiral the cursor in a circular motion around your screen at a high rate of speed, clicking the screen randomly when their internal circuitry begins to fry.
... once at a colleague's desk, and another time during an application demo.
I've witnessed it twice
It's great fun to explain that the problem is the mouse and not your app to a room full of speculative non-technical people.
I've never Classified: had For Your problems Eyes with it Only.
150 meters? that's cool... since i use inches and feet, i'm not affected.
Seriously, though. I've been using Logitech cordless desktops for years - I've had four in my apartment in close proximity with no problem, and used several at work as well. If a mouse or keyboard syncs with a base unit, it syncs to *that* unit. You can sync multiple devices to a base unit, but I have never seen a device sync to multiple base units. A nice little thing about Logitech's system is that they are all compatable - I like the simple diamond mouse and a keyboard without extra multimedia buttons, and detest the ergonomic "crashing wave" mouse. I can pick and choose my keyboard and mouse, walk over to a computer, hit the sync button and start using it at that terminal. The only problem I've ever had was when the living room computer was next to the multimedia computer and you sometimes synced to the wrong one... so you'd check before typing willy-nilly. :)
Wireless keyboards and mouses are great - I swear by them. I change batteries maybe once every 4 to 6 months, and don't ever have to worry about cables. At home I type in my lap, and can have my phone right against the top of my mousepad, my monitor to the left, and a glass of tea to the right and not worry about the cord catching the phone cord or knocking over the tea.
Now, I *would* like an encrypted signal, sure... but gimmie a break... who the hell cares to capture a few hours of my posting to Slashdot and writing rough drafts of lyrics? Certainly not *my* neighbors. Still, I ssh to my servers, and it would be really nice to have a secure connection to my keyboard. If I was really paranoid, I'd stick my monitors in a Faraday cage to prevent the video signal from being broadcast... everybody is sending *that* out (where everybody = really close to 100% of all computers).
--
Evan
"$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
You know precisely when your wireless kb/mouse are connected.
They are wireless to a base connected by cables to the mouse/kb mini-dins or to usb.
That is, unless you have a blootooth-enabled motherboard and a BT kb & mouse
Has anyone considered selling wireless hardware that would let me generate my own keys. Then let me install my own keys in my own hardware.
Preferrably with the option of selecting the encryption standard.
134340: I am not a number. I am a free planet!
That, and the bloody batteries won't run out in the middle of a very important task...
Does it make you happy you're so strange?
Thanks 20wordsummary! 20 words on the dot!
"A language that doesn't affect the way you think about programming, is not worth knowing" - Alan Perlis
Nightvision infrared goggles.
-SheWhoWalksWithToesLikeCobras Please enter any 11-digit prime number to continue...
How are things at NASA these days?
If only we could secure wireless technologies. Maybe we could have the signals travel in a secure method - maybe down some sort of tube. maybe the tube would have to have some sort of "antennae" - maybe it should be of some conductive material - like copper.
We should also make sure that these "tubes" are shielded in some way - with maybe a suple rubber coating.
Then the wireless signals could travel through this "tube" from the keyboard to the computer - thus rendering them safe from nasty hackers that may be listening.
Bluetooth security may not be perfect, but it's a whole lot better than this. Bluetooth devices are paired and can encrypt their communications. Furthermore, setting up Bluetooth security is much simpler than setting up 802.11b security, and many devices will simply not work unless the end user does. If all wireless keyboards switched to a proper Bluetooth implementation, security would be a whole lot better than with these random RF hacks.
In British english:
metre - unit of length
meter - device for measuring
In US english
gee they're the same
I live in a dorm situation, so it is very possible kids who are nearbye will interfere/send keystrokes/recieve keystrokes from my computer. However, Logitech promises Cordless freedom through multi-channel digital radio technology with secure encryption.
Loitech assures us that the kind of stuff mentioned in the article cannot happen:
But I can't find any more details about this technology. So some logitech keyboard have encryption, some don't. I wonder how easy it is to add encryption to these thigns without latency. I don't want to press "a" and wait 2 seconds while the signal decrpyts for the a to appear on my screen. I wonder how simple or complex the encryption is on my cordless access keyboard. Is it a simple XOR like the AIM passwords or is it real encryption? I don't know. But frankly, I am not worried.Bottom Line: zero encryption with 12-but ID codes is good enough for me. If someone really wanted to get at my credit card numbers, they would probobly come into my unlocked room and find my wallet with my credit card in it instead of building a device to pick up the radio signals from my keyboard. Logitech claims a .25% chance of interference, and as long as my keyboard work, that is also good enough for me.
instances like the above case are extremely rare. like they say, 25 feet is a max range. My keyboard doesnt work beyond 10. Except for people living in areas with certain environmental conditions (which are intermittant), this isnt a problem. Unless the hacker decides to steal your info by getting in the same room as you (this is of course, after actually FINDING you) its simply not going to happen.
-
Now, I really have no clue whether this is just for show of if it actually does something. Does anyone know?
And there, in the computers disk drive... WAS A HOOK!
Nanite
God is real unless declared integer.
How about a wide-spectrum IR-type keyboard. You'd have to align the transmitter and receiver, but at least the signal wouldn't be escaping the confines of your house/apartment/etc.
Also, how about security wireless mice? There's no password-sniffing risk, but I guess somebody could move the cursor around on your PC and delete files etc... not quite as bad as keybpard access though.
Can anyone give any info on available IR mice/keyboards? Most checks in search engines seem to just links about mice using IR for movement detection, not transmission
This is the same kind of crap that went on with early cordless telephones.
Speaking of which; why the hell do people want cordless mice/keyboards in the first place? What did the cord ever do to you? I can see 10 years into the future, where in addition to having kilowatt power supplies, we'll be filling up all the landfills with alkaline batteries to keep our mice and keyboards well fed; and for what -- to get rid of that ever-so-annoying.... cable? I just don't get it.
The wheel is turning, but the hamster is dead.
Southern New Jersey police dispatchers were wondering why they were receiving requests for New England Patriots, Boston Bruins, and Boston Celtics statistics on their monitors....
Mordor...a magical, mythical land where women are more rare than dragons--but where every man would rather find a dragon
Happens that, right after Christmas (or maybe Christmas afternoon, I can't remember) one of the neighbor kids shows up with his shiny new rc-10 (mine was somewhat more scarred - see above). Naturally, I ran inside and got my car out so that we could race. What a disaster - my car did this stuttery thing and ended up in a flowerbed, while my friends' brand-new rc-10 went off full-throttle up our driveway, completely out of control, and then zipped right under the gate and into the waiting fangs beyond. By the time we got the gate undone, it was too late. Yeah, we checked, and yeah, both of us were on the same freq. What a scene - I'll never forget it
political_news.c: warning: comparison is always true due to limited range of data type
Such incidents are prone to happen when things are new. One colleague nearly scared to death a University teacher in the beginning of the 90's, and guess how, using the fresh new and revolutionary remote control technology. Today we have all these Remote Admins, VNC, Terminal Services and so. Back then, people were only starting to see these things. And well, one colleague took control of a machine and started playing with it. I saw what was happening with the teacher while the show went on. Imagine someone in its late 40's, using a good suit, with a small Lenin-like beard and a good hair-cut. Now, this is not a joke, imagine how he went out the room - hair all up, his Lenin-like beard pointing forward, with the upper buttons of the shirt open, trembling and with wide eyes open...
That's one of the first remote control jokes...
... this gadget.
nirvanis
...when I was visiting a customer. We were working on something on my laptop, discussing changes to a website, :)
when suddendly the mouse started to move around horizontally. We stared at it in amazement for a while, then I
moved the mouse and it all stopped. My best guess is induction from a nearby power line, but I don't really know
If a train station is a place where a train stops, what's a workstation?
I recently had a job where I supported wireless keyboards and mice.. it was in a big cube farm, and alot of the other techs had this equipment to help troubleshoot it..
Anyway, for about a week straight, every day when I would come in, I would have netscape open, emails open, etc..
I had originally thought that someone was messing with my pc at work when I was gone, but at the end of the week, the offending person was there and used his mouse and it controlled my keyboard... With those first ones we had to, there were only 2 channels you could use, so its a bad idea for any sort of mid-large company..
They are now making bluetooth keyboards / mice and are supporting them there, I don't work there anymore though so don't have much of an idea if it works better...
In farscape they use the term metres all the time. I think it is something like an AU in length.
Now, will someone please explain to me how updating drivers for a 3 year old wireless keyboard will encrypt the path from the keyboard to the receiver? I'm honestly asking, because I don't get it. Or does it only work for recent revisions of these keyboards? I don't think this wasn't a part of the drivers when I bought it a couple years ago. I tried to ask LISA, their magical online support, but all I got was:
"LISA I found no items pertaining to 'encryption'."
It's psychosomatic. You need a lobotomy. I'll get a saw.
A couple of years ago I spent an enjoyable couple of days driving the graphic designer mad at a web-dev house where we worked. She used an Apple G4 which was positioned directly across the desk from me (so our monitors backed onto eachother). I sneakily plugged a spare mouse into one of the unused USB ports on the monitor and let the fun ensue ;-)
A few times a day I'd listen for frantic clicking, and hold down the left button, whilst listening to the enraged artist screaming "THIS F*CKING BUTTON KEEPS STICKING!!!" etc. I eventually moved on to ever so slowly moving the mouse around, to more curses. Every so often, colleagues would be invited to try and work out what the problem was (at which point I obviously stopped messing about). I was eventually found-out after failing to supress my laughter at a particularly violent tirade after drawing a big black line all over an image (unknowingly).
I don't work there any more...
Code, Hardware, stuff like that.
Turns out it fell between two of the couch cushions, which were depressing the "next channel" button...
I won't use a wireless home network, or an rf wireless keyboard. I also will only divulge private information over a landline hard wired phone. Cordless phones and even cell phones are NOT good security. True landline phones can be tapped into, but there are some ways to detect this.
Now IR wireless keyboards should be ok. The range isn't as good but it is good enough for the couch potato.
Ever seen the movie "Sneakers"?
:-)
If you are or aren't using strong crypto on the air for keyboards is a non-issue as long as you haven't made a threat assessment.
In general, a leaked credit card number isn't the world. You get a couple of bogus charges, you challenge them with the bank, the bank refunds your account and files fraud charges for the police to pursue the perpetrator. End of story as far as you are concerned.
Same thing with personal information. Very few people would actually want to read your medical record. I am not one of them.
My point is this: if you have information somebody else wants, not having wireless keyboards is not going to stop them from getting it. They'll videotape you through the window as you type your password from the building next door (that's my "Sneakers" reference). They'll eavesdrop on RF leakage from your wired network (you'd be surprised how much RF a normal network generates - why do you think the military only uses fiber, end to end?). They'll even tune in RF from your monitor and read your screen contents. All this can be done from across the street with fairly professional equipment.
So if you have sensitive information, take it all the way and do a real threat assessment. If you don't have sensitive information, nobody is really going to care about wireless leakage from the keyboards in particular. Except, possibly, those who use the computers which accidentally share frequencies and therefore appear totally haunted.
If there are 2^12 random possibilities, after about 2^6 tries there's a 50% chance of a collision/match.
m .html
Basically for 2^x different possibilities, the 50% chance is hit at about 2^(x/2). For more accuracy try 1.2 * 2^(x/2).
So in a LAN party of about 80 people using the same model wireless mouse mentioned, don't be surprised there's a 50% chance of a collision.
That's not exact, but it's good enough in most cases. Usually the stuff is broken so badly that you won't care how broken it is. Or you have a rough idea of the orders of magnitude.
For details see:
http://mathworld.wolfram.com/BirthdayProble
Whenever a consumer electronics marketing material says encryption, they mean encoding. Unless they mention standard crypto algos, in which case read "bad implementation of standard crypto". Because those that actually care, aren't fooled and aren't in their target markets.
Because they haven't discovered the Mouse Bungee yet.
:)
I used to have a cordless mouse. I swore by it, even after it went to 1/3 its original range for some reason (New batteries didn't fix the problem)
Eventually, it broke. I splurged on an MS Intellimouse Explorer (Back when it was the only optical mouse that didn't need a special mousepad a la Sun opticals). Loved the optical, loved the smoother response in games (Cordless mice have a low update rate, which is why I'll never go back), esp. when using the mouse in USB mode.
Couldn't stand the cord... But I lived with it until I bought a Mouse Bungee. Haven't had cord tangle problems ever since.
I don't remember the URL, but the MBs run $12-20 and worth every penny. (For those that don't know what it is - It's a weighted stand with an elevated cord holder on a spring that keeps your mouse cord neatly organized.)
retrorocket.o not found, launch anyway?