Researchers Sniff Keystrokes From Thin Air, Wires
narramissic writes "Two separate research teams have found that the electromagnetic radiation that is generated when a computer keyboard is tapped is actually pretty easy to capture and decode. Using an oscilloscope and an inexpensive wireless antenna, the Ecole Polytechnique team was able to pick up keystrokes from virtually any keyboard, including laptops — with 95 percent accuracy over a distance of up to 20 meters. Using similar techniques, Inverse Path researchers Andrea Barisani and Daniele Bianco picked out keyboard signals from keyboard ground cables. On PS/2 keyboards, 'the data cable is so close to the ground cable, the emanations from the data cable leak onto the ground cable, which acts as an antenna,' Barisani said. That ground wire passes through the PC and into the building's power wires, where the researchers can pick up the signals using a computer, an oscilloscope and about $500 worth of other equipment. Barisani and Bianco will present their findings at the CanSecWest hacking conference next week in Vancouver. The Ecole Polytechnique team has submitted their research for peer review and hopes to publish it very soon."
This needs a Van Eck tag, for Stephenson's Cryptonomicon bit.
They could still do it through wireless. The keys emit a signal that can be picked up no matter what connection the keyboard has to the computer.
For all you paranoid conspiracy theorists out there that are busy shitting bricks, I will be developing a USB-based jamming device that will saturate the area with dummy signals. Please send $100 via brown paper bag on doorstep courier.
God. We all love xkcd, and we all already thought of this right after we thought of TEMPEST. These xkcd posts have gone from redundant to flamebait. For the love of Randall, please stop!
The nice thing about standardized wireless links is that they are so painfully insecure that people have a hard(er) time maintaining a false sense of security about them, which leads to more care.
One might also note that the PS/2 port is electrically compatible with the old AT keyboard that debuted in 1984, on a system with a 6MHz 8086. Not exactly an era where the computational cost of encrypting local busses was even remotely sensible.
I can't imagine this story being news to Hertz or Marconi.
As a layman, I cannot see a genuine use of this technology without breaking the law.
As with ALL security research there's ALWAYS one legal use: Using the info and techniques to find ways to defend yourself against bad guys who use the techniques against you and to test that your defenses are adequate.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
[Military anecdote] So I'm quite baffled by this "research" being presented well over 30 years after that.
It can take decades for things to get declassified.
You could spend 2 billion dollars shielding something, or you could spend $144 an hour paying ~20 people minimum wage to sit on myspace, irc, and twitter all day and space them around your complex.
A bullet may have your name on it but splash damage is addressed "To whom it may concern."
Look up "TEMPEST", e.g. in http://en.wikipedia.org/wiki/TEMPEST - this isn't merely "old news", this is "so ancient it dates before I was born", and I am old enough to have used punch cards.
This is why some computer rooms will never contain wireless peripherals or wireless networks or Internet connections; but will have an intimidating sign on the door, and combined biometric/keypad entry, and Faraday cages built into their walls, and a self-destruct mechanism, and fences around them, and 24/7 armed guards, and a hot line to a fast-response team on a separate nearby base.
For everyone else, well, when you buy tinfoil rolls, remember to buy enough for your hat _and_ your peripherals cables :-)
if(dislikesApple()||!isDemocrat()){$mod--;}
if (user.writesInPseudocode()) user.setDork(true)
What makes, e.g., bidding/negotiations some form of "evil plans"? Such methods certainly require secrecy on the part of BOTH parties.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
And would probably be defeated by the onscreen keyboards that move after you enter each character, and rearrange the character layout. (I've only seen that done for numeric PINs, rearranging an alpha kb would be a UI pain)
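The shuffled-keypad mitigation mentioned in the comment above, as an added example that is not part of the original thread: a simulated PIN pad that draws a fresh, CSPRNG-backed digit layout before every press, so that the physical key position an emanation-based observer might recover no longer maps to a fixed digit. The terminal, which knows the layouts it displayed, decodes correctly; an observer who only sees positions and assumes the standard layout gets a different string. All function names and the sample PIN are constructed for this illustration.

```python
import secrets

DIGITS = "0123456789"


def random_layout(rng=None):
    """Return a random permutation of the ten digits, indexed by physical key
    position 0..9. Defaults to the OS CSPRNG; a seeded rng can be passed for
    reproducible tests."""
    rng = rng or secrets.SystemRandom()
    layout = list(DIGITS)
    rng.shuffle(layout)
    return layout


def enter_pin(pin, layout_source=random_layout):
    """Simulate a user typing `pin` on a keypad that reshuffles after each press.

    Returns (positions_pressed, layouts_shown): the physical key positions the
    user pressed and the layout that was displayed for each press.
    """
    positions, layouts = [], []
    for ch in pin:
        layout = layout_source()          # new layout before every keypress
        positions.append(layout.index(ch))
        layouts.append(layout)
    return positions, layouts


def decode_positions(positions, layouts):
    """What the terminal reconstructs: it knows which layout it displayed for
    each press, so position -> digit is unambiguous."""
    return "".join(layouts[i][p] for i, p in enumerate(positions))


def decode_assuming_fixed_layout(positions, layout=tuple(DIGITS)):
    """What an observer who recovers only key positions (e.g. from emanations)
    can reconstruct if they assume the standard 0..9 layout."""
    return "".join(layout[p] for p in positions)


def positions_seen_for_digit(digit, trials, rng):
    """Diagnostic: over many presses of the same digit with random layouts,
    which physical positions occur? With a good shuffle every position shows
    up, i.e. the position carries no information about the digit."""
    seen = set()
    for _ in range(trials):
        seen.add(random_layout(rng).index(digit))
    return seen


if __name__ == "__main__":
    pin = "2580"                         # constructed sample PIN
    pos, lays = enter_pin(pin)
    print("positions pressed:", pos)
    print("terminal decodes :", decode_positions(pos, lays))
    print("fixed-layout guess:", decode_assuming_fixed_layout(pos))
```

The scheme only removes the mapping from key position to digit; it does nothing for the displayed layout itself, so if the screen can be read remotely (the Van Eck angle raised earlier in the thread) the observer recovers both halves and the protection collapses.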
Would this work with ATM keypads?
Bluetooth doesn't use WEP, does it? I thought WEP was only for wlans.
This is true... however the idea that the original WLAN encryption was stated to be "wired equivalent", and ended up actually being super weak... from this it kind of suggests that "wired equivalent" isn't a very strong transmission security in the first place.
The idea here is that only when transmissions are made explicitly for communication do many people even think about the security of those transmissions. I mean... who would think to encrypt keyboard input data from a wired keyboard to the computer? We only think of information as traveling along established lines, however we forget constantly that information is leaked...
A lesson for everyone here, I think, is to be aware that all transmission methods are insecure.
WARNING! This girl exceeds the MAXIMUM SAFE standards established by the FDA for BRATTINESS