Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wireless Keyboard "Encryption" Cracked

Posted by kdawson on from the hardly-needs-a-brute dept.

squidinkcalligraphy writes "While everyone is going on about wireless network security, it seems few have considered that increasingly common wireless keyboards can be vulnerable to eavesdropping. Particularly when the encryption is pitifully weak. All that's needed is a simple radio receiver, sound card, and a brute-force attack on the 8-bit encryption used. Passwords galore! Bluetooth, it seems, is safe for the moment."

9 of 232 comments (clear)

  1. Gimme a break by DNS-and-BIND · · Score: 5, Insightful
    OK, instead of broadcasting in the clear, the keyboard gets a little encryption algorithm to prevent anyone from listening in. Some blowhard then takes it upon himself to crack the gradeschool encryption, and trumpets it far and wide as a "security breach". Durrrr...

    Anyone concerned about security doesn't use a wireless keyboard....Durrrr

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    1. Re:Gimme a break by scrantaj · · Score: 4, Insightful

      Sadly the unwashed masses on the internet are not concerned about security because they don't understand it. These are the people who fall for phishing mails, don't keep their AV up to date or blindly click ok on every dialog box that pops up on their system ( a response re-inforced by Vista's insistance on user interaction to do anything ). Expecting these people to use a wired keyboard to improve their security is pointless. They use wireless keyboards because they are "cool" or so that they don't have to mess around with all those untidy cables.

  2. Re:Why a soundcard ! by WombatDeath · · Score: 4, Insightful

    I doubt they need output, but perhaps the function of the sound card is to capture the input from the radio receiver.

  3. Re:urm by tacet · · Score: 3, Insightful

    not really. the antenna is the best receiver, so hacker equipped with yagi antenna can intercept signals from reasonable distance. /excuse my english

  4. Re:Under my desk by chuckymonkey · · Score: 5, Insightful

    Easy there, just because someone reads slashdot does not mean that they have ever been interested understanding radio waves. It was a legitimate question and deserves a legitimate answer. That's called improving the discussion and educating along the way. For all you know this guy could be a master of accounting and if you asked a (to him) basic question about accounting and he responded like you did I don't think that you would be very appreciative. Yes, I see your low UID and I also don't care rude is rude.

    --
    "Some books contain the machinery required to create and sustain universes."-Tycho
  5. Re:Shocked by fmobus · · Score: 3, Insightful

    I might (and wantto) be wrong, but all "non-interactive" bluetooth devices I've seen use the same factory-set password, namely "0000". Can anyone explain me why this isn't exploitable?

  6. No encryption mybe? by Maavin · · Score: 5, Insightful

    Could be that the "encryption" is just a way to handle multiple keyboards in one reception range...

    --


    Crivens! I kicked meself in me own heid!
  7. Re:Why a soundcard ! by Fordiman · · Score: 4, Insightful

    "Why not just let him continue in his ignorance?"

    Well, because the less you share information with the apparently ignorant, the more ignorant society at large is.

    If I ask a question, even if it's a dumb one, I desire an answer. As such, I respond to questions I have the answers to. Be the change you want to see in the world, and all.

    --
    110100 1101000 1101000 1100110 0 1101111 1101000 1100011 1
  8. Re:urm by rycamor · · Score: 3, Insightful

    In our development dept., one guy used a wireless Logitech keyboard to set up his test FreeBSD box, then left the box on for the next couple days without checking (he did log out, though). Next time we looked at it, the screen was covered with login passwords, chat discussions, company memos, etc... We fairly freaked for a minute, then after a bit of quick reconnaissance, discovered that the company's sales director was also using the same keyboard in an office 3 rooms over. So somehow not only did these two keyboards happen to have the same encryption key, but the signal went through 3 walls and 30 ft of space to reach our console. We stopped using wireless anything after that.