Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wireless Keylogger Masquerades as USB Phone Charger

Posted by Soulskill on from the in-case-you-were-running-out-of-attack-vectors-to-worry-about dept.

msm1267 writes: Hardware hacker and security researcher Samy Kamkar has released a slick new device that masquerades as a typical USB wall charger but in fact houses a keylogger capable of recording keystrokes from nearby wireless keyboards. The device is known as KeySweeper, and Kamkar has released the source code and instructions for building one of your own. The components are inexpensive and easily available, and include an Arduino microcontroller, the charger itself, and a handful of other bits. When it's plugged into a wall socket, the KeySweeper will connect to a nearby Microsoft wireless keyboard and passively sniff, decrypt and record all of the keystrokes and send them back to the operator over the Web.

150 comments

  1. And this is good why? by Iniamyen · · Score: 3, Insightful

    I am not a security expert, but what non-nefarious purpose does this product serve?

    1. Re:And this is good why? by AK+Marc · · Score: 1

      What if you want to sniff your own keyboard?

      --
      Learn to love Alaska
    2. Re:And this is good why? by fightinfilipino · · Score: 5, Funny

      What if you want to sniff your own keyboard?

      when i do this i just end up snorting cookie and chip crumbs.

    3. Re:And this is good why? by slacktide · · Score: 5, Insightful

      It's purpose is clearly to force wireless device manufacturers to use secure data transmission protocols.

    4. Re:And this is good why? by Anonymous Coward · · Score: 5, Insightful

      people could be secretly using this technology already, could have been for the past 10 years or more, to spy on you.

      by making it easy and publicizing it, this teaches you today about the risks you have already been facing which is good because perhaps now you will take steps and do something about it.

    5. Re:And this is good why? by Anonymous Coward · · Score: 2, Informative

      It raises awareness to just how insecure wireless keyboards are, so that hopefully people will stop using them for anything important.

    6. Re:And this is good why? by Opportunist · · Score: 5, Insightful

      This is good because he told us instead of handing us a USB charger.

      "But if he wouldn't develop it, it would be better!"

      Nope. Because there is no such thing as security by apathy. Nobody has the monopoly on ideas, and this is hardly the first hack of this kind. Hiding microelectronics in inconspicuous everyday items is as old as, well, the Thing. Think the US would have been spied upon if they themselves knew such a device can be developed?

      And do you think you can be spied upon with such an item now?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    7. Re:And this is good why? by Anonymous Coward · · Score: 1

      All I want to say to any would-be hacker that wants to know what's going on in, on, or around my computer is: sniff my dump.

      The relevant excerpt:

      "Simon," the Boss begins, "we have a formal complaint about you from one of the new system programmers. He claims that you are being unnecessarily offensive to him."

      "I'm afraid I haven't the faintest idea what you're talking about."

      "He claims that you told him to do something with your faeces."

      "I beg your pardon?" I reply, shocked. "There must be some mistake. The last time I spoke to him I told him that I had a system crash core that I'd like him to examine. I cannot possibly be held responsible for the strange way in which he interpreted that."

      "You were leaving the toilet at the time."

      "Purely coincidental. I simply mentioned it when the opportunity arose."

      "Mentioned? It was more of a shout wasn't it? I believe I heard it myself from in here."

      "I concede that it may have been slightly more than a whisper, but that was only because of the deference that I feel for his wealth of professional knowledge..." (Well, it was worth a shot).

      "The words 'sniff my dump' do not engender in MY mind a feeling of professional respect."

    8. Re:And this is good why? by Anonymous Coward · · Score: 0

      True, but wrong its.

    9. Re:And this is good why? by Anonymous Coward · · Score: 0

      The smeller's the fellar

    10. Re:And this is good why? by fustakrakich · · Score: 1

      The nefarious against the nefarious is non-nefarious..?

      --
      “He’s not deformed, he’s just drunk!”
    11. Re:And this is good why? by Anonymous Coward · · Score: 0

      What if you want to sniff your own keyboard?

      Finally: I can recover all of that source code I just typed in.

    12. Re:And this is good why? by Drewdad · · Score: 1

      It's good, because it reveals a security flaw that could be exploited. By providing plans, it allows people to verify the finding.

      If someone, like myself, is security conscious, then it helps to identify another threat vector.

    13. Re:And this is good why? by Archangel+Michael · · Score: 1

      In Spy vs Spy, which spy did you root for?

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    14. Re:And this is good why? by gstoddart · · Score: 1

      And do you think you can be spied upon with such an item now?

      Of course you bloody well can.

      Are you going to run around unplugging every USB wall charger in your vicinity on the presumption it's bugged? Think you'll be in the airport and force everyone to unplug their USB chargers? Think that won't get you a beating?

      Unless you have control over every single thing which is plugged in, you absolutely can still be spied on like this.

      The form factor is trivially altered -- so then you're policing anything with a plug -- but the attack vector is unchanged, because apparently it's utterly trivial to spy on wireless keyboards.

      You are no more or less secure with the knowledge this can be done, unless you stop using wireless keyboards. Because you simply can't police every electrical plug in your vicinity.

      Consumer electronics aren't built for security. They're built for convenience, and we see time after time that security is either non-existent, or so completely trivial as to effectively be non-existent.

      --
      Lost at C:>. Found at C.
    15. Re:And this is good why? by Opportunist · · Score: 2

      Well, then I guess the lesson is to not use wireless keyboards.

      In the end, you have learned something. Information you have can never be harmful to yourself. At least not by itself.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    16. Re:And this is good why? by Anonymous Coward · · Score: 0

      In Spy vs Spy, which spy did you root for?

      Neither. Alfred E. Neuman, FTW.

    17. Re:And this is good why? by Anonymous Coward · · Score: 0

      > I am not a security expert, but what non-nefarious purpose does this product serve?

      To demonstrate that wireless keyboards are insecure.

    18. Re:And this is good why? by Imagix · · Score: 1

      Spy.

    19. Re:And this is good why? by gweihir · · Score: 1

      It is a demonstration what can be done. As such it servers to improve risk-management by potentially affected people.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    20. Re:And this is good why? by Anonymous Coward · · Score: 0

      It's purpose is clearly to force wireless device manufacturers to use secure data transmission protocols.

      Yeah right. I'll believe that when...no, nevermind, that's bullshit any way you look at it. Vendors could care less about your security or privacy beyond how much they can charge for it.

      Even Sony right now wouldn't invest in secure keyboard initiatives.

    21. Re:And this is good why? by blueg3 · · Score: 1

      Demonstrating that people should be using wireless keyboard protocols that don't suck.

    22. Re:And this is good why? by houghi · · Score: 1

      So you are going to unplug it and think you are safe? Watch the video. It is also battery driven, so unplugging it won't work.

      Further: This is just a design idea. You could easily put it into e.g. a USB device or anything else or just tape it with a battery under a desk.

      And I understand that they are not build for security, but they are used for it. People doing their bank business. They use it to log into email accounts. They are used to order things online where they enter credit card numbers.

      --
      Don't fight for your country, if your country does not fight for you.
    23. Re:And this is good why? by Impy+the+Impiuos+Imp · · Score: 1

      Smells like Doritos and shame.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    24. Re:And this is good why? by alen · · Score: 1

      say my monitor is broken and i want to know what i'm typing?

    25. Re:And this is good why? by Firethorn · · Score: 1

      Unless you have control over every single thing which is plugged in, you absolutely can still be spied on like this.

      You'd also have to flip the breakers as well, not to mention wait until any integrated batteries have time to die.

      I've seen this sort of stuff connected within the wall box the socket is in. They're already illegal, so you don't have to use 18 gauge wire or whatever while worrying about fire code - just tack on some whisker-thin wires (28 gauge?) for power. Heck, see if you can shove it OUT of the box.

      --
      I don't read AC A human right
    26. Re:And this is good why? by Anonymous Coward · · Score: 0

      You mean couldn't care less and they will care when huge companies stop buying their products because they're insecure.

    27. Re:And this is good why? by g0bshiTe · · Score: 1

      Illustrates why you should use a wired keyboard.

      --
      I am Bennett Haselton! I am Bennett Haselton!
    28. Re:And this is good why? by rthille · · Score: 1

      If you're in the airport and you're using a wireless keyboard, you're a wanker...

      --
      Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
    29. Re:And this is good why? by Anonymous Coward · · Score: 0

      Forget about that. I want to do the reverse. I want to inject characters. My neighbor is going to type "penis" once a minute from now on.

    30. Re:And this is good why? by Anonymous Coward · · Score: 0

      Look and see what keys you are pressing?

    31. Re:And this is good why? by Lumpy · · Score: 1

      Don't buy cheap keyboards and mice and use bluetooth.

      Problem solved.

      --
      Do not look at laser with remaining good eye.
    32. Re:And this is good why? by CaptainDork · · Score: 1

      You can test that with a magnet.

      --
      It little behooves the best of us to comment on the rest of us.
    33. Re:And this is good why? by Anonymous Coward · · Score: 0

      You may be thinking of large, desktop keyboards.

      But many tablet covers have built-in wireless keyboards. (iPad, Android, Surface Pro ...)

    34. Re:And this is good why? by sumdumass · · Score: 1

      That does sort of raise the question of if you can sniff it, can you replay it?

      If so, with a few keyboard shortcuts and control tans, you could have your neighbor sending penis to every email address he knows.

    35. Re:And this is good why? by sumdumass · · Score: 1

      Ever hear of acustic cryto analizing?

      Basically, with varying degress of success, a microphpne recording you typing and some software can decode your keystrokes on a wired keyboad. I'm waiting on someone to perfect the van eck effect/phreaking.. although i think that was limited to CTR monitors. Its been a while since i looked at either.

    36. Re:And this is good why? by BronsCon · · Score: 1

      None. But it's good to know about.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    37. Re:And this is good why? by BronsCon · · Score: 1

      Those use Bluetooth and, while probably not perfectly secure, are much more difficult to attack (unless they use a hardcoded passcode like 0000 or 1234)

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    38. Re:And this is good why? by al0ha · · Score: 1, Informative

      Dang this is NOT A STORY and the claim that this can work against all Microsoft Wireless Keyboards is 100% BS, and has been since 2007, when the issue was first uncovered; covered in depth by Schneier, and remedied in all versions of the Microsoft Wireless Keyboard created since then, which use at minimum 128-bit AES; NOT XOR.

      --
      Did you ever wake up in the morning, with a Zombie Woof behind your eyes? -- FZ
    39. Re:And this is good why? by Ol+Olsoc · · Score: 1

      It's purpose is clearly to force wireless device manufacturers to use secure data transmission protocols.

      I wonder if he teaches his kids about gravity by throwing one of them off a cliff?

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    40. Re:And this is good why? by Anonymous Coward · · Score: 0

      you could have your neighbor sending penis to every email address he knows.

      Then they can run for New York congress!

    41. Re: And this is good why? by Anonymous Coward · · Score: 0

      Leave in airport, collect business traveler info, blackmail for profit

    42. Re:And this is good why? by Anonymous Coward · · Score: 0

      Use wired, no one can sniff that.
       
      *cough* tempest

    43. Re:And this is good why? by davester666 · · Score: 1

      then I wake up with my pants around my ankles, feeling like something bad just happened....

      --
      Sleep your way to a whiter smile...date a dentist!
    44. Re:And this is good why? by hankwang · · Score: 2

      "the claim that this can work against all Microsoft Wireless Keyboards is 100% BS, and has been since 2007, when the issue was first uncovered; covered in depth by Schneier, and remedied in all versions of the Microsoft Wireless Keyboard created since then, which use at minimum 128-bit AES; NOT XOR."

      The only meaningful hits on 'schneier microsoft wireless keyboard' is just a few broken links to a Dreamlab study: http://www.google.com/search?q...,

      Those were using a 27 MHz transmitter (near field, i suppose) and an association process that at least uses a different xor key each time. TFA claims that the newer 2.4 GHz keyboards always use the same xor key, 0xCD. TFA mentions at least two recent keyboard models that use this protocol. (Maybe I overlooked other ones)

      It seems that there is only the MS "2000 AES for business" keyboard that is explicitly marketed as using AES. http://www.microsoft.com/hardw...

      --
      Avantslash: low-bandwidth mobile slashdot.
    45. Re:And this is good why? by tehcyder · · Score: 1

      What if you want to sniff your own keyboard?

      I can only imagine you'd want to do this to see what your wife/kids/cat was using it for.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
    46. Re:And this is good why? by tehcyder · · Score: 1

      It's purpose is clearly to force wireless device manufacturers to use secure data transmission protocols.

      I genuinely can't tell whether or not you're joking. Excellent.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
    47. Re:And this is good why? by jasper_amsterdam · · Score: 0

      Did anyone else read 'snorting coke and chip crumbs' the first time 'round?

      --
      Let's put the genes back in Genesis.
    48. Re: And this is good why? by iluvcapra · · Score: 1

      Don't BT keyboards do a key exchange? They just use the passcode for initial identification, but the actual event stream is encrypted with a session public key.

      --
      Don't blame me, I voted for Baltar.
    49. Re: And this is good why? by BronsCon · · Score: 1

      The key is derived from the passcode, if I recall correctly.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    50. Re:And this is good why? by sentiblue · · Score: 1

      Disagreed.... Every keylogger is built with some sort of "stealing" intention in mind.... I dont for a second believe that things like this are made to encourage better security.

      If this dude is lucky enough... he can actually steal usernames/passwords and URLs and lots of other things... but then again at public places to steal like airports and hotels... people don't normally use MS wireless keyboards... they simply use tablets/laptops... that's why I used the term "lucky".

    51. Re: And this is good why? by Anonymous Coward · · Score: 0

      I did. :)

    52. Re: And this is good why? by Anonymous Coward · · Score: 0

      Hopefully ms will secure their wireless keyboards from now on

  2. Gee, thanks... by Anonymous Coward · · Score: 0

    ... because we really, REALLY needed people too stupid to think of this themselves to be given instructions on how to build one.

    1. Re:Gee, thanks... by Opportunist · · Score: 1

      I've read the specs and seen the required skills to build one. If you can build one, you could come up with the relevant ideas yourself. If anything, he just saved people who want to build such a thing some time.

      OTOH, he taught us not to accept strange gifts or use chargers we find lying around. Which is heaps easier than building one of those things.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:Gee, thanks... by boristdog · · Score: 1

      And you know, to not use wireless keyboards in any environment that could be compromised.

  3. One more reason to use a wired keyboard by Jeremi · · Score: 2, Insightful

    As if having to replace keyboard-batteries every 6 months wasn't reason enough. Is there really any benefit to having a keyboard be wireless, outside of a living room TV/PC scenario?

    --


    I don't care if it's 90,000 hectares. That lake was not my doing.
    1. Re:One more reason to use a wired keyboard by Drethon · · Score: 1

      That was my thought. Why broadcast any data unencrypted ever? Maybe wireless mouse data as I can't see that being particularly useful...

    2. Re:One more reason to use a wired keyboard by Firethorn · · Score: 1

      Why broadcast any data unencrypted ever?

      Because broadcast to everyone is the purpose.

      Otherwise the problem with wireless keyboards isn't 'just' that they're unencrypted, because some boast that they are encrypted, and they technically are. It's just that an 8 bit key is worth about as much as ROT-13.

      --
      I don't read AC A human right
    3. Re:One more reason to use a wired keyboard by Falos · · Score: 1

      > wireless mouse data
      Kind of sounds like an interesting challenge. Countless points of failure, though, even with a predetermined OS, web browser, etc.

    4. Re:One more reason to use a wired keyboard by gurps_npc · · Score: 1

      Yes. You are not actually sitting at a desk. I routinely double screen - my monitor is on my living room coffe table, I type on the keyboard while sitting on my couch. In the back ground is the News on my regular TV.

      --
      excitingthingstodo.blogspot.com
    5. Re:One more reason to use a wired keyboard by OzPeter · · Score: 1

      As if having to replace keyboard-batteries every 6 months wasn't reason enough.

      The batteries thing was one reason why I like my Logitech wireless keyboard as it is powered by solar cells - no battery changing at all.

      But now .. hmm .. I totally didn't think about sniffing the keyboard.

      --
      I am Slashdot. Are you Slashdot as well?
    6. Re:One more reason to use a wired keyboard by PRMan · · Score: 1

      I have arcade joysticks and driving wheels which I also hook up to my PC. It's a lot easier to move the keyboard when it's not attached. Other than that, nothing really.

      --
      Peter predicted that you would "deliberately forget" creation 2000 years ago...
    7. Re:One more reason to use a wired keyboard by sinij · · Score: 2

      A device that broadcast over sufficiently large range random flood of mouse clicks would be a very effective DoS tool in a corporate settings.

    8. Re:One more reason to use a wired keyboard by ArcadeMan · · Score: 1

      A real arcade gamer would mod his computer desktop to have a rotating control panel and put the keyboard on one of the three sides!

      --
      Get free satoshi (Bitcoin) and Dogecoins
    9. Re:One more reason to use a wired keyboard by jeffmeden · · Score: 1

      As if having to replace keyboard-batteries every 6 months wasn't reason enough.

      The batteries thing was one reason why I like my Logitech wireless keyboard as it is powered by solar cells - no battery changing at all.

      But now .. hmm .. I totally didn't think about sniffing the keyboard.

      Logitech is actually out in front when it comes to encryption. Their 2.4ghz wireless keyboards going back almost 10 years have used 128 bit AES. Unless someone has leaked the pre-generated key algorithm, your chat history is safe and sound.

    10. Re:One more reason to use a wired keyboard by Nkwe · · Score: 3, Insightful

      A device that broadcast over sufficiently large range random flood of mouse clicks would be a very effective DoS tool in a corporate settings.

      Or a device that broadcast a very specific non-random set of keystrokes. For example you could send the keystrokes to open up a command window followed by the keystrokes to download and execute malware. You could even send the keystrokes to type in the source code and compile the malware or a malware bootstrap process.

    11. Re:One more reason to use a wired keyboard by OhPlz · · Score: 1

      Fewer cables. It's also nice if you want to make room for a book or pile of papers or something temporarily, there's no cord to argue with.

    12. Re:One more reason to use a wired keyboard by Blaskowicz · · Score: 2

      Time to get the "telephone cord" style of cord back on keyboards. It was invented so you can move the cord more easily.

    13. Re:One more reason to use a wired keyboard by Barny · · Score: 1

      I run two PCs with three displays. I typically use Synergy to mouse/keyboard share between them but, in case the network has issues, I keep a wireless controller hooked up to the second PC and the mouse/keyboard are in a drawer in the desk.

      --
      ...
      /me sighs
    14. Re:One more reason to use a wired keyboard by Smerta · · Score: 1

      Serious question (in case it sounds like I'm being antagonistic):

      Since AES is a block cipher, and an AES block is 16 bytes, and since keypresses appear to be transmitted "instantaneously", does that mean for each keypress, a 16-byte block is formed, and encrypted? And what about the encryption mode? (Otherwise doesn't it basically become ECB?)

      Seems like a stream cipher would make more sense, although you'd need a protocol on top of that to stay synchronized, since packets can become lost/corrupted.

      I could only find a very non-technical PDF on the topic. Interestingly, the wording seemed to imply something like a DH key exchange (one time, during pairing).

    15. Re:One more reason to use a wired keyboard by Fnord666 · · Score: 1

      Since AES is a block cipher, and an AES block is 16 bytes, and since keypresses appear to be transmitted "instantaneously", does that mean for each keypress, a 16-byte block is formed, and encrypted? And what about the encryption mode? (Otherwise doesn't it basically become ECB?)

      You use the block cipher to generate what is essentially a random stream, then XOR it with the input stream as needed, turning your block cipher into a stream cipher.

      --
      'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
    16. Re:One more reason to use a wired keyboard by houghi · · Score: 1

      On a desk? At home I often lean back with my feet on the desk. Not having a cable makes that easier. A second and very important thing (perhaps not for you) is that it looks so much nicer.

      Not everything needs to be functional.

      --
      Don't fight for your country, if your country does not fight for you.
    17. Re:One more reason to use a wired keyboard by AmiMoJo · · Score: 1

      It's not that bad. This particular issue was found back in 2007 and Microsoft fixed it with proper encryption, that so far has remained uncracked (at least as far as we know). The batteries in my wireless keyboards last years. It's the mice that chew through them every six months.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    18. Re:One more reason to use a wired keyboard by sparkMonkey · · Score: 1

      I've found a notable difference in battery life (both overall longevity and each session length) based on whether I plug the device into the PC for charging via USB or I take out the batteries and use a purpose-built charger. With the mouse, which uses up battery life fastest, it is fairly simple, and it means I always have one ready to go, so I can crank up report speeds without worrying about making it to the end of a gaming session. Unfortunately, it is a PITA on my keyboard, so I usually just charge via USB, and only pull those batteries for a proper charge on occasion.

  4. Immature industry by Anonymous Coward · · Score: 1

    Remember when we added networks to Windows 3.1? Remember how well that worked out? Remember how not having multi-user support totally didn't result in massive piles of insecure bug-ridden software full of viruses? Remember how antivirus software wasn't ever a thing?

    Well, it seems we didn't learn here. Taking something that's not designed with security in mind and suddenly hitching it up to a network doesn't seem to be working well for anything really. What we've learned is that the market will quite happily replace everything we have with timebombs if it means they make a few bucks.

    1. Re:Immature industry by Sowelu · · Score: 1

      I'm pretty sure I've heard of acoustic keyloggers. Yeah they probably have tough restrictions on where they need to be placed to be effective, but you might luck out. Bet you could put one of those into this thing and remove the "wireless keyboard" requirement.

  5. And this is good why? by Anonymous Coward · · Score: 0

    It doesn't - I can't think of a legitimate purpose other than snooping that this can serve.

  6. Dewhat? by TheCarp · · Score: 4, Interesting

    This is why I hate large swaths of consumer products.

    If the keyboard is encrypting keystrokes and sending them to the system....and a third party device sitting in the corner with no configuration involving dumping and loading keys....then the data is NOT encrypted.

    If you use the same static key, or one of a few easily derivable keys, I don't care how solid the encryption alcogrythem you use is.... I do not consider it encrypted, because the use case took "strong encryption" and turned it into "weak obfuscation".

    So unless there is some esoteric trick they are using to exploit the system and get their hands on a key that should otherwise be secure.... then its a disservice to the public to even call it encryption, because unless that is the case and they were genuinely compromised from a use case that should have otherwise been secure.... then all they did was use a fancy obfuscator.

    --
    "I opened my eyes, and everything went dark again"
    1. Re:Dewhat? by Firethorn · · Score: 4, Interesting

      So unless there is some esoteric trick they are using to exploit the system and get their hands on a key that should otherwise be secure.... then its a disservice to the public to even call it encryption, because unless that is the case and they were genuinely compromised from a use case that should have otherwise been secure.... then all they did was use a fancy obfuscator.

      When I was in the USAF I had great fun telling users that they could have a wireless keyboard & mouse just as soon as they found FIPS 140-2 compliant ones. I then told them that not only do none exist to our knowledge, but none are planned. The main problem being once you put serious encryption in there(as 140-2 requires), you're looking at a keyboard/mouse that are closer to smartphones than keyboards. IE a AA won't last a few months, you'll need to charge it like you do your smartphone. AES encryption also isn't intended for 8-16 bits at a time, so it's not really efficient there.

      --
      I don't read AC A human right
    2. Re:Dewhat? by sinij · · Score: 1

      I work in InfoSec, and insecure implementation is widespread and the norm. This is unlikely to change, not until consumers start demand product certification.

      In my experience, common implementation flaws are 1) hard coded keys, 2) leaking of secrets 3) weak randomization leading to predictable keys, 4) use of weak cryptography.

    3. Re:Dewhat? by Opportunist · · Score: 4, Informative

      It's not even weak obfuscation. The "key" is the mac address of the device... which is sent along with every single packet.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    4. Re:Dewhat? by OzPeter · · Score: 1

      This is unlikely to change, not until consumers start demand product certification.

      But certification costs money. And I demand my cheap keyboard.

      That and how the hell do you educate users that their keyboard has a security vulnerability (and does that mean having to keep an eye out for security patches for your keyboard?!?!? )

      --
      I am Slashdot. Are you Slashdot as well?
    5. Re:Dewhat? by The+New+Guy+2.0 · · Score: 1

      This is why you need Bluetooth in order to be sure there's enough processor in the keyboard to encrypt. Microsoft's proprietary system for this now has to be considered hacked.

    6. Re:Dewhat? by Anonymous Coward · · Score: 0

      Given a big enough budget I'm sure we could drown that problem in money... make it so.

    7. Re:Dewhat? by KingMotley · · Score: 4, Funny

      When I was in the USAF I had great fun telling users that they could have a wireless keyboard & mouse just as soon as they found FIPS 140-2 compliant ones. I then told them that not only do none exist to our knowledge, but none are planned. The main problem being once you put serious encryption in there(as 140-2 requires), you're looking at a keyboard/mouse that are closer to smartphones than keyboards. IE a AA won't last a few months, you'll need to charge it like you do your smartphone. AES encryption also isn't intended for 8-16 bits at a time, so it's not really efficient there.

      That's easy to solve. Since the keyboard and mouse are very likely near a PC, just run a charging cable to one of it's USB ports and never disconnect it. Then you can get rid of the battery completely. Problem solved. Then you've got a nice battery-less, always charged wireless keyboard and mouse. Tada!

    8. Re:Dewhat? by sinij · · Score: 1

      Well, I advocate and practice usage separation. Have a secure device dedicated for "important" tasks like banking. This way you can have usability in most cases, and security in cases that requires it.

      As to how do you educate users that their keyboard, smart TV, smart thermostat, router, in-car infotainment system, child monitoring system, fitness band, implanted defibrillator all require security patches? You can't. Unless they are Dick Cheney, who has a very well deserved reason to be paranoid.

    9. Re:Dewhat? by Archangel+Michael · · Score: 1

      Most users don't care. Most users wouldn't care that their keyboard COULD be logged, even if they were told. MOST users are using wireless keyboards to type twitter and facebook posts.

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    10. Re:Dewhat? by Anonymous Coward · · Score: 0

      This is why I hate large swaths of consumer products.

      If the keyboard is encrypting keystrokes and sending them to the system....and a third party device sitting in the corner with no configuration involving dumping and loading keys....then the data is NOT encrypted.

      If you use the same static key, or one of a few easily derivable keys, I don't care how solid the encryption alcogrythem you use is.... I do not consider it encrypted, because the use case took "strong encryption" and turned it into "weak obfuscation".

      So unless there is some esoteric trick they are using to exploit the system and get their hands on a key that should otherwise be secure.... then its a disservice to the public to even call it encryption, because unless that is the case and they were genuinely compromised from a use case that should have otherwise been secure.... then all they did was use a fancy obfuscator.

      The problem is not the encryption so much as it is the fact that the header that precedes the data payload packet being only one of two possible groups of bytes. This renders the encryption irrelevant due to the fact that the encryption is easily broken due to the header being known, so it is not very hard to attempt decryption on the header until it matches the two known states and then apply that key to the rest of the packets.

      In the future keyboard designers should make the protocol more configurable so that on casual observation it is not so easy to determine what packets are data and what are checksums and headers and footers. This would not be hard to do, one could use noise in the system that is filtered (Think signal to noise filtering) as a seed for random number generation or better yet utilize some sort of spread spectrum randomization, so that getting all of the packets is not so deliriously easy.

    11. Re:Dewhat? by Anonymous Coward · · Score: 0

      That's not quite true. You can get 15.4 chips that have AES hardware for a few bucks. These are designed to work with 8/16 bit micros. Hell most of these are also single chips that have both radio and a arm core together. People don't do this because of cost and most consumers doesn't care or doesn't even know.

    12. Re:Dewhat? by Dagger2 · · Score: 4, Informative

      And the "key" is xored with the plaintext to get the "encrypted" text, and the typed character is in a single byte. So you only actually need a single byte of the MAC address.

      And it happens to be the first byte, which for these Microsoft keyboards is always 0xCD. So you don't even need to bother figuring out what the MAC address is.

    13. Re:Dewhat? by mlts · · Score: 1

      This raises a question:

      Why do we have these non-standard wireless keyboard protocols that have unknown (if not nonexistant) levels of security, when BlueTooth is a widely accepted standard, and has proven itself quite robust to attack (it isn't perfect, but BT 4.2 is pretty darn secure.)

      Why doesn't MS and other keyboard makers bundle a BT dongle ($10 on Amazon), and go with a tried/true standard? If the keyboard supports USB for charging, then pairing is definitely not an issue. If not, it can come pre-paired (similar to how Apple pairs USB mice and keyboards when they are shipped with iMacs), or one can use one of many pairing methods.

      Going with BT not just means that there is actual guarenteed security in place, but there are facilities for running at low power levels and not having to maintain a constant radio connection.

    14. Re:Dewhat? by TheCarp · · Score: 1

      I would say this is pretty close to how I look at it now. I got a cheap wireless keyboard sure....but anyone sniffing the traffic is going to be bored to tears as I don't ever type anything the least bit confidential on it. Best you are getting is a bunch of youtube URLs and a whole bunch of wwwwwwwwwwwwwaaaaaaaaaaaaaaaasssssssssssssssddddddddddddddddddddddddfff

      --
      "I opened my eyes, and everything went dark again"
    15. Re:Dewhat? by Impy+the+Impiuos+Imp · · Score: 1

      Adding noise is good, but It adds to the pollution slowing down that band.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    16. Re:Dewhat? by TheCarp · · Score: 1

      The thing is, the cipher doesn't do the job alone, once you have a good cipher, you then need good key generation/negotiation, which pretty much requires some sort of authenticated pairing step which requires user interaction to complete.

      Still pretty reasonable but, everyone wants "plug and play" and thats hard to reconcile with "safer play"

      --
      "I opened my eyes, and everything went dark again"
    17. Re: Dewhat? by Anonymous Coward · · Score: 0

      Power efficiency. These custom wireless keyboards generally get better battery life than their Bluetooth counterparts.

    18. Re:Dewhat? by Jeremi · · Score: 1

      Most users don't care. Most users wouldn't care that their keyboard COULD be logged, even if they were told. MOST users are using wireless keyboards to type twitter and facebook posts.

      They also use those same keyboards to log in to their bank accounts, so they'll care after the first time their checking account gets drained. (And for those that don't use on-line banking, they'll care after the first time their Facebook account starts posting goatse pics for their mom to see)

      --


      I don't care if it's 90,000 hectares. That lake was not my doing.
    19. Re:Dewhat? by John+Bokma · · Score: 1

      alcogrythem

      I like it, sounds like a good title for a steampunk book: "The Alcogrythem" by Neal Stephenson.

      --

      Perl Programmer for hire
    20. Re:Dewhat? by goombah99 · · Score: 1

      the presentation was confusing. It seems that you still need the mac address to be able to listen at all. but you can brute force scanning for all of them. you just don't neeed it for the decrypt.

      --
      Some drink at the fountain of knowledge. Others just gargle.
    21. Re:Dewhat? by Firethorn · · Score: 1

      The thing is, the cipher doesn't do the job alone, once you have a good cipher, you then need good key generation/negotiation, which pretty much requires some sort of authenticated pairing step which requires user interaction to complete.

      Which means you end up with, at least, a tiny LCD screen to show the pairing code. Which means you need enough logic to run the LCD screen and the pairing stuff.

      I exaggerated a bit, with a cellphone battery the keyboard could probably last weeks. But a dumb keyboard is also in incredibly simple device, thus my statement 'closer to'. I also remember reading that for truly secure operation the keyboard would have to communicate with the computer a lot more, and more transmissions equates to shorter battery life.

      Don't forget that while AES is a standard within FIPS 140-2, it's also far from the only requirement. Certifying your wireless keyboard would probably cost more than designing it in the first place, and the DoD won't let you use it unless it's certified(and maybe even not then). So you're looking at a LOT of expense for what would work out to a limited audience. Not that you wouldn't sell a few even if they were $10k apiece, but it's still a limited market.

      --
      I don't read AC A human right
    22. Re:Dewhat? by Dagger2 · · Score: 1

      Needing to know the MAC address is just a limitation of the nRF24L01+ chip he was using. Conveniently though, the chip has an undocumented feature (or bug) that lets you trick it into giving the full packet, including the MAC address header. The only brute force scanning he ends up doing is to scan through all the different frequencies.

    23. Re:Dewhat? by Blaskowicz · · Score: 1

      That sounds good if you simply want keypresses to not land accidentally in another computer's receiver.

    24. Re:Dewhat? by TheCarp · · Score: 1

      DoD are not the only people who require FIPS 140-2. I have worked at shops with various mixes of FERPA, HPAA, and PCI requirements for various parts of their operation, and I have run into it a couple of times; though I can't tell you (because I don't know) whether any of them have been strictly due to a regulatory requirement or a place where local policy simply adopted the recommendations from it.

      In short, if such a device existed, it might actually end up on several companies prefered purchasing lists for their employees, or even cause other competing products to get disqualified as just the existence of one could call the others into question.

      --
      "I opened my eyes, and everything went dark again"
    25. Re:Dewhat? by TheCarp · · Score: 1

      In the future keyboard designers should make the protocol more configurable so that on casual observation it is not so easy to determine what packets are data

      Thats a very common misconception, but the fact is that is pretty exactly what they should NOT do.

      Specifically that is, they should not even attempt to design their own method of securing the data. They should use fairly standard, well tested, modules produced by professional cryptographers. Full stop. These are solved problems, and there are several very well researched and well designed techniques for solving these issues.

      There is always room for more such techniques but, to think that some engineer working on a keyboard is going to design one that is even as good as what we have as just....a submodule of his project is just not realistic.

      Choose a solution for authentication/key negotiation....choose a cipher. Go back to designing the keyboard itself. That really is the best part.... since its a solved problem.... it really isn't a huge level of effort to fix correctly.

      Plus its a keyboard...a "pairing" could be as simple as flipping a switch into pairing mode, then typing some text that shows on the screen of the device pairing with it. Its not like its some headset with only 2 buttons.

      --
      "I opened my eyes, and everything went dark again"
    26. Re: Dewhat? by Anonymous Coward · · Score: 0

      Its true my btless mouse almost never needs charging. My mx 5000 combo is bt and needs charging constantly

    27. Re:Dewhat? by TheCarp · · Score: 1

      > Which means you end up with, at least, a tiny LCD screen to show the pairing code. Which means
      > you need enough logic to run the LCD screen and the pairing stuff.

      oooh I have been thinking about this.... I think it can be done even easier and cheaper.

      Wireless keyboards generally require a wireless dongle. Put a usb port on the kb, used for emergency power obviously.... but... easy pairing. Just plug the dongle into the device, and press a button, they can do a key negotiation over their local USB connection. No LCD needed, maybe.... an LED and a button.

      That should put an easy end to easy sniffing. Course if someone is coming into your house and plugging shit into the wall, maybe they can just replace your whole keyboard too.... fake the dongle and keyboard into each pairing with his device and MiTM you? or wholesale replace yours with his lookalike.... but, its certainly not casual sniffing at that point.

      --
      "I opened my eyes, and everything went dark again"
    28. Re:Dewhat? by steelfood · · Score: 1

      What's scary is that it sounds like something you could actually sell, for a premium over the kind that uses a battery, to a government agency.

      --
      "If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
    29. Re:Dewhat? by TheCarp · · Score: 1

      Which is all the more reason why system designers really should consider themselves as having a duty to care for them. The vast majority of users are not experts and any risks they expose themselves to in using the product really are things they can't be expected to understand. So products intended for non-professional markets especially; should really be designs to not expose inexpert users to risks as much as possible.

      --
      "I opened my eyes, and everything went dark again"
    30. Re:Dewhat? by Firethorn · · Score: 1

      Wireless keyboards generally require a wireless dongle. Put a usb port on the kb, used for emergency power obviously.... but... easy pairing.

      For such a keyboard I'd go with 'charging' and have it act like a normal keyboard while plugged into the computer. Something like 'up to 2 days of fairly heavy usage per 2 hours charging'. Easy pairing, perhaps, but I think you'd need to write some software to do that, not that you aren't anyways.

      Course if someone is coming into your house and plugging shit into the wall, maybe they can just replace your whole keyboard too....

      Already a concern, would actually be less of a one with the secure keyboard - because the computer won't talk to a replacement.

      --
      I don't read AC A human right
    31. Re:Dewhat? by Firethorn · · Score: 1

      DoD are not the only people who require FIPS 140-2.

      Point. It's a federal regulation, after all, and thus all departments with security concerns(such as the DoE) use it. Plus, lots of states follow federal rules due to the ease, and for private concerns it can also be a shortcut.

      That being said, I once investigated the reason because even to me it seemed like a license to print money if you came out with one. I guess 'illegal' installations were easier and cheaper, too much competition with the expense and risk of trying to create one.

      I wouldn't be surprised if they ended up costing around a grand for a keyboard/mouse combo.

      --
      I don't read AC A human right
    32. Re:Dewhat? by BronsCon · · Score: 1

      Or, you put a USB port on the keyboard and design it so that, when the receiver dongle is plugged into the keyboard, the two exchange keys. Allow only one receiver pairing per device and only one device pairing per receiver, per type of device.

      Even better, disable the radio when the receiver dongle is plugged into the keyboard for pairing, no data is transmitted wirelessly, require a password for the key exchange, require that the password be changed with every exchange, generate the key from a passphrase typed by the user, salted with the password (such that the same passphrase will generate a different key if reused), and optionally allow the key itself to be encrypted with a passphrase in the keyboard's storage.

      The key exchange process would go something like this:
      1) Plug dongle into keyboard; "Ready" light illuminates
      2) Type current password and press ENTER; password is encrypted with current private key and sent to dongle, dongle decrypts password and replies with the password plaintext re-encrypted with public key, keyboard decrypts reply with private key and compares result with known plaintext (just typed); on success (e.g. plaintexts match), "Password" light illuminates
      3) Type new password and press ENTER; password is stored temporarily in keyboard's RAM; on success "Exchange" light illuminates
      4) Type passphrase to be used for new key (suggest random keystrokes) and press ENTER; all lights illuminate, "Exchange" light blinks
      5) Keyboard begins generating an RSA keypair; and sends the public key, encrypted with the current private key, to the dongle, which then decrypts the key and replies with the plaintext key; on success, all lights illuminate, "Ready" light blinks
      6) Keyboard encrypts the new public key with the new private key and sends to dongle, dongle decrypts using the new public key and compares the result; on success (e.g. both keys match) it discards the old key and records the new key before encrypting the plaintext password from step 2 and sending the result to the keyboard for verification; dongle then discards plaintext password
      7) Keyboard decrypts password and compares with original plaintext; on success (e.g. passwords match), keyboard discards old key and password, encrypts new password with private key, then stores the result, all lights illuminate, "Password" light blinks
      8) Type key passphrase and press ENTER, or simply press ENTER; if passphrase is entered, generate a hash of the passphrase, having the same length as the private key, and XOR the key against the result; if no passphrase is entered, key remains plaintext; on success, keyboard records the resulting key, all lights blink
      9) Remove dongle from keyboard
      10) Insert dongle into computer

      If a the private key is encrypted with a passphrase, require the passphrase every time the keyboard is powered on; generate a key-length hash (which will be identical to the hash used in step 8 if the passphrase is correct) and XOR the stored key against that hash; this is the key the keyboard encrypts its transmissions with.

      This whole post is long enough without going into detail about why certain steps are necessary; perhaps I'll do a full writeup sometime. If I do, I'll reply to this post with a link. Of course, this solution is also imperfect, as an attacker could disassemble the dongle and read the public key directly from the dongle's flash; it would have to be designed in such a way that the dongle could not be opened to that degree without damaging the flash beyond readability. Layering several different kinds of epoxy over it should do the trick in most circumstances.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    33. Re:Dewhat? by Anonymous Coward · · Score: 0

      ""pairing" could be as simple as flipping a switch into pairing mode, then typing some text that shows on the screen of the device pairing with it"

      That's how bluetooth keyboards do it, but that requires Bluetooth drivers and an UI on the computer. Imagine that you are trying to install a keyboard with trackball because your mouse broke and you need to handle driver installation without a mouse or keyboard.

      I prefer a wireless keyboard with a USB dongle that acts as a standard keyboard, thank you.

    34. Re:Dewhat? by dave420 · · Score: 1

      If your bank account can be drained by using only intercepted keyboard data, you are with the wrong bank.

    35. Re:Dewhat? by Archangel+Michael · · Score: 1

      LastPass makes me immune to THIS kind of attack.

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    36. Re:Dewhat? by Anonymous Coward · · Score: 0

      But then its not WIRELESS! On the other hand, no one really needs a wireless keyboard or mouse when using a desktop or laptop computer. Wired keyboard and mouse are just fine.

    37. Re:Dewhat? by TheCarp · · Score: 1

      I know I am a little late to the reply but...

      > I prefer a wireless keyboard with a USB dongle that acts as a standard keyboard, thank you.

      which is exactly what I prefer too but, which is why I say, ditch the driver. The driver is just one more place your scheme can be compromised, clearly the solution is to have the dongle capable of pairing without PC participation beyond, (possibly) providing power.

      --
      "I opened my eyes, and everything went dark again"
  7. I don't get it. by aaronb1138 · · Score: 0

    Articles on new security breaking or testing devices never make sense from the perspective of why is this interesting. Another device that uses pretty vanilla methods to accomplish a trivial but scary sounding task. If it requires physical access or certain proximity, it's not novel, it's just a rehash of known methods for compromising devices not designed to be secure in the first place.

    Hardware keyboard loggers have been around since the 80's. Now because this one does it over unlicensed RF, that makes it interesting? No. Sniffing RF keyboards has been done for nearly 10 years now.

    And this one wastes the power of an Arduino when nothing remotely that sophisticated is required. Oh, I get it, buzzwords. Why didn't they use a Raspberry PI hooked up to the Arduino to upload the sniffing over Wifi and provide remote control. That has way more script kiddie / proto-board masher street cred.

    If we're going to go all TEMPEST then they should try to grab video output from RF as well.

    1. Re:I don't get it. by Anonymous Coward · · Score: 0

      Articles like this raise awareness about security vulnerabilities, especially to a generation of computer users that is younger than you, and hence hasn't already learned these lessons.

      You may be seasoned enough to know better than to use a wireless keyboard for anything other than a gaming machine, but today's kids are not, so articles like this are useful to them.

    2. Re:I don't get it. by Opportunist · · Score: 1

      Come out of your basement, get into a corporate environment and you'll immediately spot a use case. In case that's not obvious enough, three words: Open Plan Office.

      Or how about the fact that the average office building has walls that are, at best, not see-through... hmmm, I wonder if that office next to that law firm is available... what? Me spying on lawyers? Of course not officer, please come in, look around, as you can see I barely moved in yet, all I have is my laptop and my cellphone. Yeah, these new phones suck, the battery's always drained, it's almost like going back to threaded, ha, ha...

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    3. Re:I don't get it. by Anonymous Coward · · Score: 0

      You guys are missing the point. The keylogging is just an easily understood example of how this can be used. This same method can easily be used by changing the program to mitm your wifi just like they warn you about Starbucks wifi. Or other devices like usb hubs or switches. It could use your or a neighbors wifi to transmit data back home, it could even have cell connect capability. It has enough smarts to figure out the good stuff and save on micro sdhc and transmit when ready. It can also sit there and wait to receive additional instructions.

      Chances are, the main use would be to keep reinfecting your devices with enough bootstrap software to call home and get the main programs. I am not even Dr. Evil and I can think of a hundred permutations.

    4. Re:I don't get it. by aaronb1138 · · Score: 1

      I work in corporate environments. You're still well within the range of physical proximity attacks. Acoustic keyboard analysis works on both wired and wireless keyboards. Wired keyboards are still subject to, and perhaps even easier to listen into their EMR characteristics.

      A younger generation would be better served by a general understanding of EMR, more specifically the fundamental physics of electricity, inductance, and RF. Understanding the general underlying principals from the science side, then the security side, and one needs no introduction to such attack vectors. They are natural results of knowledge.

    5. Re:I don't get it. by CaptainDork · · Score: 1

      The current generation would do well to fix this shit.

      --
      It little behooves the best of us to comment on the rest of us.
  8. Immature industry by Anonymous Coward · · Score: 0

    Sneakernet data had to be scanned too. I had a non-TSR version of McAfee on one of my DOS 6.x boxes.

  9. Come on, MS Keyboards are secure. by 140Mandak262Jamuna · · Score: 5, Funny
    I am sure the Microsoft keyboards are well engineered and will not allow a random listener within earshot to snoop in on communications. Microsoft has a well earned reputation for placing security above everything else. It would not compromise the security for some trivial thing like ease-of-use for dimwitted user. The keyboard will be using encrypted communication between the wireless keyboard and the host PC. In almost all the conference rooms in our office we routinely use wireless keyboard to log in to the conf-room PC, then remote desktop to login to our workstations to make presentations. We would not do it, if someone is using a compromised USB charger in the conference room.

    I have very good experience walking past grave yards whistling.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:Come on, MS Keyboards are secure. by The+New+Guy+2.0 · · Score: 1

      Was this a joke? Nobody's laughing...

    2. Re:Come on, MS Keyboards are secure. by 93+Escort+Wagon · · Score: 1

      It would not compromise the security for some trivial thing like ease-of-use for dimwitted user.

      No one who's used a Microsoft product would believe "ease of use" was given any significant amount of consideration by the design team.

      --
      #DeleteChrome
    3. Re:Come on, MS Keyboards are secure. by Anonymous Coward · · Score: 0

      Right, because all the other non-MS wireless keyboards are oh so secure.

    4. Re:Come on, MS Keyboards are secure. by Drewdad · · Score: 1

      Is it a joke? Dunno. Do you define satire that way?

    5. Re:Come on, MS Keyboards are secure. by The+New+Guy+2.0 · · Score: 1

      Well, it's "flip"... it's a comment that states the opposite of the summary at the top.

    6. Re:Come on, MS Keyboards are secure. by desdinova+216 · · Score: 1

      wooosh

    7. Re:Come on, MS Keyboards are secure. by Anonymous Coward · · Score: 0

      Noone who has memorized WordPerfect 5.1 keyboard command sets would believe "ease of use" was given any significant amount of consideration by the design team.
      (Actually, I take that back: some people might, happily pointing out WordPerfect's superiority over MS-DOS edlin.)
      Microsoft got big because they were loved.
      Microsoft got loved because they made "ease of use" products.
      Microsoft stopped getting loved because they got greedier. I mean, they've always been greedy. But they allowed their greed to tarnish what qualities they did have, like ease of use.

  10. One more reason.... by Anonymous Coward · · Score: 0

    One more reason to hate wireless keyboards.... On top of the fact that you need to change their batteries, which usually pick the most entertaining time to die. Especially when most people don't bother moving their keyboard more than 3ft from their computer anyhow :P

    As it is wireless has been a deal breaker with me for as long as I can remember.

  11. Yes it is a easily patched security hole by Anonymous Coward · · Score: 0

    you can:

    1- use a non Microsoft keyboard
    2- stop using wireless keyboards
    3- sweep your office regularly for odd devices that you don't know where they came from
    4- introduce another layer of encryption between the keyboard controller and the software level, rendering the captured keys meaningless.
    5- Operate inside a faraday cage like Gene Hackman did in Enemy of the State
    6- Do what Joe Sixpack does, surf porn sites, drink beer and not worry about things like this.

  12. Yawn by Old+Bitsmasher · · Score: 1

    Oh, come on, people have been putting bugs in wall warts since there have been wall warts. Boris: Look, Natasha, nice little box, has constant power supply, wire for antenna. Natasha: Da. But not wood. Boris: Is now Nineteen-Sixties. Did you not see movie? Answer is "Plastic."

  13. And... by Anonymous Coward · · Score: 0

    2% semen. (Roughly.)

    1. Re:And... by Anonymous Coward · · Score: 0

      Rough sex with a keyboard, sounds like a very niche market.
      (captha: brusque)

  14. so you can see what you are typing in the password by swschrad · · Score: 1

    obviously, this will be big among executive offices, saves time trying every password they have used in the past 20 years to watch videos during phone conferences.

    --
    if this is supposed to be a new economy, how come they still want my old fashioned money?
  15. Its good to put the threat in context by Anonymous Coward · · Score: 0

    rather than just say no.

    My company banned wireless devices without explanation. Even discussing getting one was so taboo, the IT guys are gonna freak... It would end the conversation with less disgruntlement if they put things in context for those who don't follow the "hacker community"...These people who want the deive for whatever reason conjure up Hollywood hacker movie images as they harrumph at the trumped up rules that won't let them get a wireless keyboard so they can clean their desk without the hassle. I myself would prefer a wireless keyboard as I move from embedded devices and building to building. Its a pain sometimes to coil up the keyboard but I can see how they might be exploited.

    Finding a lost shiny white apple charger just sitting in the parking lot... an employee may pick it up and think, score, I don't need to carry my charger with me anymore. And if they don't scan for unauthorized wifi networks it could go unnoticed as logins and write-ups are being snooped on.

    1. Re:Its good to put the threat in context by PPH · · Score: 1

      Back when WiFi was a New Thing, Boeing banned them on their intranet. Many people wanted to wander around with untethered laptops, so they'd bring a WiFi hub and plug it into their office Ethernet port.

      The IT people called the electronics lab for help. One day, a couple of guys were pushing an HP spectrum analyzer attached to a microwave horn antenna/converter on a cart around the office, looking for hubs. By the end of the day, they had located every microwave oven on the premises.

      --
      Have gnu, will travel.
  16. 8 years late to the party by al0ha · · Score: 1

    Dang this is NOT A STORY and the claim that this can work against all Microsoft Wireless Keyboards is 100% BS, and has been since 2007, when the issue was first uncovered; covered in depth by Schneier, and remedied in all versions of the Microsoft Wireless Keyboard created since then, which use at minimum 128-bit AES; NOT XOR.

    It's 2015, not 2007 people...

    --
    Did you ever wake up in the morning, with a Zombie Woof behind your eyes? -- FZ
  17. Another use by Russ1642 · · Score: 1

    Can I use one of these as a replacement for the original wireless keyboard receiver? If I get more than five feet from the original receiver the keyboard doesn't work. This device is probably much better.

  18. Another reason by Trogre · · Score: 1

    Another reason to avoid wireless keyboards unless absolutely necessary and security is of no concern.

    --
    "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
  19. Not too worried about this by Quarters · · Score: 1

    The receiver for my Microsoft wireless keyboard has to be 1' away from the keyboard or else I drop keystrokes pretty regularly. So unless this thing is laid right across the home-key row I'm not worried that it will pick anything useful up.

  20. And this is good why? by aaronb1138 · · Score: 1

    Mostly helping the hack job security companies have yet another dumb toy to trot out during demos and pentesting.

  21. Hwo does it connect to the internet? by nikkipolya · · Score: 1

    Fine, it's harvesting keystrokes. But how does it connect to the Internet to "send them back to the operator over the Web"?

  22. Arduino Microcontroller? by dohzer · · Score: 1

    Arduino Microcontroller? Is that kind of like an Atmel one? Or one of the clones?

  23. Playing dumb by T.E.D. · · Score: 1

    Is there any way I can play dumb, and get some of these from a hacker? I never ever buy wireless keyboards (just what I don't need- a less reliable human input device), but I could really use some free USB chargers.

  24. no it wont and no it cant by Anonymous Coward · · Score: 0

    no
    how is it gonna transmit data back to hacker, without gaining access to his crypted wifi connection, and what if he has none ?
    LOL

  25. Re: acustic by Anonymous Coward · · Score: 0

    If someone has physical access, they don't even need any fancy acoustic analyzing. They just need to plug a USB adapter between the keyboard and computer and it's unlikely anyone would ever notice before a fair bit of compromising information was recorded.