Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Sniff Keystrokes From Thin Air, Wires

Posted by timothy on from the making-a-tempest-of-themselves dept.

narramissic writes "Two separate research teams have found that the electromagnetic radiation that is generated when a computer keyboard is tapped is actually pretty easy to capture and decode. Using an oscilloscope and an inexpensive wireless antenna, the Ecole Polytechnique team was able to pick up keystrokes from virtually any keyboard, including laptops — with 95 percent accuracy over a distance of up to 20 meters. Using similar techniques, Inverse Path researchers Andrea Barisani and Daniele Bianco picked out keyboard signals from keyboard ground cables. On PS/2 keyboards, 'the data cable is so close to the ground cable, the emanations from the data cable leak onto the ground cable, which acts as an antenna,' Barisani said. That ground wire passes through the PC and into the building's power wires, where the researchers can pick up the signals using a computer, an oscilloscope and about $500 worth of other equipment. Barisani and Bianco will present their findings at the CanSecWest hacking conference next week in Vancouver. The Ecole Polytechnique team has submitted their research for peer review and hopes to publish it very soon."

6 of 217 comments (clear)

  1. needs another tag by Anonymous Coward · · Score: 4, Insightful

    This needs a Van Eck tag, for Stephenson's Cryptonomicon bit.

  2. Re:Guess what by Jmanamj · · Score: 5, Insightful

    They could still do it through wireless. The keys emit a signal that can be picked up no matter what connection the keyboard has to the computer.

    For all you paranoid conspiracy theorists out there that are busy shitting bricks, I will be developing a USB based jamming device that will saturate the area with dummy signals. Please send $100 via brown paper bag on doorstep courier.

  3. Re:Mouse by fuzzyfuzzyfungus · · Score: 4, Insightful

    The nice thing about standardized wireless links is that they are so painfully insecure that people have a hard(er) time maintaining a false sense of security about them, which leads to more care.

    One might also note that the PS/2 port is electrically compatible with the old AT keyboard that debuted in 1984, on a system with a 6MHz 8086. Not exactly an era where the computational cost of encrypting local busses was even remotely sensible.

  4. As with ALL security research by Ungrounded+Lightning · · Score: 3, Insightful

    As a lay man, I cannot see a genuine use of this technology without breaking the law.

    As with ALL security research there's ALWAYS one legal use: Using the info and techniques to find ways to defend yourself against bad guys who use the techniques against you and to test that your defenses are adequate.

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
    1. Re:As with ALL security research by harry666t · · Score: 3, Insightful

      ...unless you're in Germany.

  5. Re:The solution is obvious... by evilviper · · Score: 3, Insightful

    In a world where everybody knows what everybody else is thinking at all times and all places, anybody with evil plans would find it hard to carry them out.

    What makes, eg. bidding/negotiations some form of "evil plans"? Such methods certainly require secrecy on the part of BOTH parties.

    --
    Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant