Slashdot Mirror

← Back to Stories (view on slashdot.org)

Compromising Wired Keyboards

Posted by CmdrTaco on from the not-a-lot-of-substance-here dept.

Flavien writes "A team from the Security and Cryptography Laboratory (LASEC) in Lausanne, Switzerland, found 4 different ways to fully or partially recover keystrokes from wired keyboards at a distance up to 20 meters, even through walls. They tested 11 different wired keyboard models bought between 2001 and 2008 (PS/2, USB and laptop). They are all vulnerable to at least one of the 4 attacks. While more information on these attacks will be published soon, a short description with 2 videos is available."

6 of 277 comments (clear)

  1. TEMPEST by michaelhood · · Score: 5, Informative

    This appears to be related to why TEMPEST attacks work on monitors.

  2. Re:laptops only? by tsvk · · Score: 4, Informative

    I understood that the disconnecting of the charger was because of that the "victim" laptop computer and the "attacker" desktop computer were connected to the same electrical mains network of the building.

    By disconnecting the laptop charger it was proven that the keyboard signal was truly intercepted from over-the-air electromagnetic radiation, as the laptop was "independent" and not connected to anything. There was not any chance that the signal could have leaked or transmitted any other way.

  3. Re:laptops only? by mollymoo · · Score: 2, Informative

    These videos indicate that the powersupply interferes with the signal, so they only test on laptops running on battery. Does this mean that it doesn't work on desktop computers?

    I think they only removed the power supply and monitor because sniffing monitor and power supply emissions are known attacks. They wanted to demonstrate that it really was the keyboard they were sniffing. I guess we'll have to wait for the paper to see how well it works when the other emissions you get from a complete system are present.

    --
    Chernobyl 'not a wildlife haven' - BBC News
  4. Re:Nothing new by Constantine+XVI · · Score: 5, Informative

    It's called van Eck phreaking, and it's been applied to monitors for a while now, but no-one's really talked about sniffing from the keyboard.

    --
    "I think an etch-a-sketch with an ethernet port would beat IE7 in web standards compliance."
  5. Re:MI5 & Intelligence Agencies by Anonymous Coward · · Score: 3, Informative

    CRT monitors used to leak a lot of EM. Is it still working with LCD screens ? I doubt it

    http://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf

  6. Re:Time for a Faraday cage? by Aphoxema · · Score: 2, Informative

    The + on the 120VAC is extraneous.

    --
    "Most people, I think, don't even know what a rootkit is, so why should they care about it?"