Slashdot Mirror
Beware the Haunted Cordless keyboard
dr. greenthumb writes "The norwegian newspaper Aftenposten reports about an incident where a computer suddenly seemed to develop a life of its own. A game which the user could not remember using that day suddenly appeared on the screen. When he went over to shut it off the screen displayed a message asking him if he "really wanted to delete this file?"
His computer was receiving keystrokes from another computer (with the same type of wireless keyboard) 150 metres away!
Check out the full story and a follow-up, where experts warns against using wireless keyboards." /me plans to destroy Hemos' sanity...
not all supposedly convenient technologies are necessarily better or more convenient. I like having a cord on my mouse and keyboard because 1) i know it's connected and 2) i know another isn't. Wireless keyboards etc. have no less a security risk involved as would a wireless network. Imagine being logged on as root and having the guy on the floor above you type in rm -rf /. while you hit the bathroom. even if your door is locked, you're still screwed.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
The attitude companies have towards security is appalling. Wireless keyboards have to use strong cryptography or credit card numbers and personal information are being broadcast across the neighborhood. 256 channels isn't going to fix it.
Wireless keyboards have other security issues. Read up on the discussion that took place about this on SecurityFocus: http://online.securityfocus.com/archive/82/173944
I have the same trouble with my tv remote. After the wife goes to bed, it turns to the TV-MA flicks on Cinemax and then clicks back to TLC or something whenever she walks in.
I know there are security and other settings that when properly configured will help prevent these mistakes, but just look at the number of unsecured business wireless networks out there that don't even have WEP turned on. Its going to be nasty.
VNC in an office environemnt is a lot of fun with all the Windows users that never notice the little VNC server icon in the 'systray' - right next to their Gator and Bonzi Buddy icons.
I've got the keystrokes down just right
[Ctrl]+[Esc] -> r -> notepad -> Do you want to live, human? -> [F4]
under a second. Leaves the poor things troubeled. Confused. Hungering for the sweet realse of alcohol or a shotgun.
Or just move the mouse subtely when they go to click on somthing.
Of course, don't forget to tell them that it could be Bill Gates fucking with their computer - he's mad that they diden't forward the Windows 95 Beta email. He really wanted to give them $1000 and he's pissed his knickers.
Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.
That's right, WarKeyboarding! Boost the signal of your keyboard, and drive around town attempting to control random computers. Not seeing a screen is kind of difficult, but that's only a minor obstacle. Also use a tuned receiver to listen to keystrokes from around town. Passwords galore!
...I'll procrastinate tomorrow...
My Log?tec keyboard hask been working for the law#tst two years witout any hi19tch.
Finally I'll have a decent excuse why that webpage full of naked women was on the screen when my girlfriend walks into the computer room. "I swear honey, it wasn't me.."
I uLse a LogUitecZh wirEelRess and mYouse. It's beOen happUening Rso muKch laEteYly, I'vSe gotAten uRsed to iEt. ThoRse meddUlinLg kiEds! GooDd thiDng they cOan't tRype as fKast at me.
Today's mice are well known to spiral the cursor in a circular motion around your screen at a high rate of speed, clicking the screen randomly when their internal circuitry begins to fry.
... once at a colleague's desk, and another time during an application demo.
I've witnessed it twice
It's great fun to explain that the problem is the mouse and not your app to a room full of speculative non-technical people.
In theory, yes. How many combinations of frequency and code are there? My uncle used to work in a Ford factory, and every car that rolled off the assembly line together used the same key. It's possible that they keyboards have a similar problem.
I can't say that I don't give a fuck. I've just run out of fuck to give.
150 meters? that's cool... since i use inches and feet, i'm not affected.
Seriously, though. I've been using Logitech cordless desktops for years - I've had four in my apartment in close proximity with no problem, and used several at work as well. If a mouse or keyboard syncs with a base unit, it syncs to *that* unit. You can sync multiple devices to a base unit, but I have never seen a device sync to multiple base units. A nice little thing about Logitech's system is that they are all compatable - I like the simple diamond mouse and a keyboard without extra multimedia buttons, and detest the ergonomic "crashing wave" mouse. I can pick and choose my keyboard and mouse, walk over to a computer, hit the sync button and start using it at that terminal. The only problem I've ever had was when the living room computer was next to the multimedia computer and you sometimes synced to the wrong one... so you'd check before typing willy-nilly. :)
Wireless keyboards and mouses are great - I swear by them. I change batteries maybe once every 4 to 6 months, and don't ever have to worry about cables. At home I type in my lap, and can have my phone right against the top of my mousepad, my monitor to the left, and a glass of tea to the right and not worry about the cord catching the phone cord or knocking over the tea.
Now, I *would* like an encrypted signal, sure... but gimmie a break... who the hell cares to capture a few hours of my posting to Slashdot and writing rough drafts of lyrics? Certainly not *my* neighbors. Still, I ssh to my servers, and it would be really nice to have a secure connection to my keyboard. If I was really paranoid, I'd stick my monitors in a Faraday cage to prevent the video signal from being broadcast... everybody is sending *that* out (where everybody = really close to 100% of all computers).
--
Evan
"$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
To be more complete, a Part 15 device is a secondary (or tertiary, if there is already a secondary) user of the entire radio frequency spectrum. That means that they can use the RF spectrum, as long as they don't cause harmful interference to a user with higher priority.
That means that if your device is hurting my ham radio operations on 146.880 MHz, then I sic the FCC on you, but if I interfere with you, I have primary user rights, so you're outta luck.
The primary, secondary, etc. system is just a pecking order for RF users. You can interfere with those with higer priority all you want, but Part 15 is always at the bottom.
-twb
How are things at NASA these days?
If only we could secure wireless technologies. Maybe we could have the signals travel in a secure method - maybe down some sort of tube. maybe the tube would have to have some sort of "antennae" - maybe it should be of some conductive material - like copper.
We should also make sure that these "tubes" are shielded in some way - with maybe a suple rubber coating.
Then the wireless signals could travel through this "tube" from the keyboard to the computer - thus rendering them safe from nasty hackers that may be listening.
Bluetooth security may not be perfect, but it's a whole lot better than this. Bluetooth devices are paired and can encrypt their communications. Furthermore, setting up Bluetooth security is much simpler than setting up 802.11b security, and many devices will simply not work unless the end user does. If all wireless keyboards switched to a proper Bluetooth implementation, security would be a whole lot better than with these random RF hacks.
I live in a dorm situation, so it is very possible kids who are nearbye will interfere/send keystrokes/recieve keystrokes from my computer. However, Logitech promises Cordless freedom through multi-channel digital radio technology with secure encryption.
Loitech assures us that the kind of stuff mentioned in the article cannot happen:
But I can't find any more details about this technology. So some logitech keyboard have encryption, some don't. I wonder how easy it is to add encryption to these thigns without latency. I don't want to press "a" and wait 2 seconds while the signal decrpyts for the a to appear on my screen. I wonder how simple or complex the encryption is on my cordless access keyboard. Is it a simple XOR like the AIM passwords or is it real encryption? I don't know. But frankly, I am not worried.Bottom Line: zero encryption with 12-but ID codes is good enough for me. If someone really wanted to get at my credit card numbers, they would probobly come into my unlocked room and find my wallet with my credit card in it instead of building a device to pick up the radio signals from my keyboard. Logitech claims a .25% chance of interference, and as long as my keyboard work, that is also good enough for me.
How about a wide-spectrum IR-type keyboard. You'd have to align the transmitter and receiver, but at least the signal wouldn't be escaping the confines of your house/apartment/etc.
Also, how about security wireless mice? There's no password-sniffing risk, but I guess somebody could move the cursor around on your PC and delete files etc... not quite as bad as keybpard access though.
Can anyone give any info on available IR mice/keyboards? Most checks in search engines seem to just links about mice using IR for movement detection, not transmission
Southern New Jersey police dispatchers were wondering why they were receiving requests for New England Patriots, Boston Bruins, and Boston Celtics statistics on their monitors....
Mordor...a magical, mythical land where women are more rare than dragons--but where every man would rather find a dragon
Happens that, right after Christmas (or maybe Christmas afternoon, I can't remember) one of the neighbor kids shows up with his shiny new rc-10 (mine was somewhat more scarred - see above). Naturally, I ran inside and got my car out so that we could race. What a disaster - my car did this stuttery thing and ended up in a flowerbed, while my friends' brand-new rc-10 went off full-throttle up our driveway, completely out of control, and then zipped right under the gate and into the waiting fangs beyond. By the time we got the gate undone, it was too late. Yeah, we checked, and yeah, both of us were on the same freq. What a scene - I'll never forget it
political_news.c: warning: comparison is always true due to limited range of data type
Now, will someone please explain to me how updating drivers for a 3 year old wireless keyboard will encrypt the path from the keyboard to the receiver? I'm honestly asking, because I don't get it. Or does it only work for recent revisions of these keyboards? I don't think this wasn't a part of the drivers when I bought it a couple years ago. I tried to ask LISA, their magical online support, but all I got was:
"LISA I found no items pertaining to 'encryption'."
It's psychosomatic. You need a lobotomy. I'll get a saw.
Turns out it fell between two of the couch cushions, which were depressing the "next channel" button...