Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Sniff Keystrokes From Thin Air, Wires

Posted by timothy on from the making-a-tempest-of-themselves dept.

narramissic writes "Two separate research teams have found that the electromagnetic radiation that is generated when a computer keyboard is tapped is actually pretty easy to capture and decode. Using an oscilloscope and an inexpensive wireless antenna, the Ecole Polytechnique team was able to pick up keystrokes from virtually any keyboard, including laptops — with 95 percent accuracy over a distance of up to 20 meters. Using similar techniques, Inverse Path researchers Andrea Barisani and Daniele Bianco picked out keyboard signals from keyboard ground cables. On PS/2 keyboards, 'the data cable is so close to the ground cable, the emanations from the data cable leak onto the ground cable, which acts as an antenna,' Barisani said. That ground wire passes through the PC and into the building's power wires, where the researchers can pick up the signals using a computer, an oscilloscope and about $500 worth of other equipment. Barisani and Bianco will present their findings at the CanSecWest hacking conference next week in Vancouver. The Ecole Polytechnique team has submitted their research for peer review and hopes to publish it very soon."

9 of 217 comments (clear)

  1. As a reminder by geekoid · · Score: 4, Informative

    Publishing is one of the first steps in peer review.

    Thank you.

    --
    The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  2. Phreaking by debrain · · Score: 3, Informative

    Nifty wiki links:
    Van Eck Phreaking
    TEMPEST
    Rainbow series

  3. LOL, yeah by Giant+Electronic+Bra · · Score: 4, Informative

    You beat me to it. DOD has had a whole system (TEMPEST) for classifying this kind of EM emissions from secured systems at least since the mid 1980's. Nothing new about it at all. I recall working for a particular defense contractor where we had an entire 'black area' of the plant that was TEMPEST rated. Independent filtered power, EMF shielding everywhere, etc. It was pretty expensive to set up too.

    --
    "Malo periculosam, libertatem quam quietam servitutem." -- Jefferson
  4. Re:Guess what by fuzzyfuzzyfungus · · Score: 5, Informative

    I can't hear you sonny, type louder!

  5. This is not news by mbone · · Score: 2, Informative

    Google "Tempest." Some of this has been released, some not, but this is decades old.

  6. Re:Guess what by belmolis · · Score: 5, Informative

    A surefire way to get around keyboard monitoring is not to use one. It is admittedly rather tedious, but if you have good cause to be concerned about security, you can use an on-screen keyboard. As far as I know, they can't obtain the necessary information by monitoring your mouse signals.

    Martus, a package aimed at human rights workers who need to keep their activities secret from hostile governments, includes an on-screen keyboard.

  7. Re:Much ado about nothing? by nicolas.kassis · · Score: 4, Informative

    They were talking about listening to the noise the keys are making through a computers microphone. This is worse. This is saying that someone can sniff you keystrokes through power lines.

  8. Re:needs another tag by luder · · Score: 4, Informative

    From wikipedia:

    "Van Eck phreaking is the process of eavesdropping on the contents of a CRT display by detecting its electromagnetic emissions".

    Also worth checking: open-source Van Eck phreaking implementation.

  9. "TEMPEST: A Signal Problem" by FranklinWebber · · Score: 3, Informative

    You are correct. See

    http://blog.wired.com/27bstroke6/2008/04/nsa-releases-se.html

    for a summary and see

    http://www.nsa.gov/public_info/_files/cryptologic_spectrum/tempest.pdf

    for the recently declassified document. The discovery of this problem is dated to 1943.