Popular Wireless Keyboards From HP, Toshiba and Others Don't Use Encryption, Can Be Easily Snooped On (threatpost.com)
Reader msm1267 writes: Wireless keyboards made by eight different companies suffer from a vulnerability that can allow attackers to eavesdrop on keystrokes from up to 250 feet away, researchers warned Tuesday. If exploited, the vulnerability, dubbed KeySniffer, could let an attacker glean passwords, credit card numbers, security questions and answers -- essentially anything typed on a keyboard, in clear text. Keyboards manufactured by Hewlett-Packard, Toshiba, Kensington, Insignia, Radio Shack, Anker, General Electric, and EagleTec are affected, according to Marc Newlin, a researcher with Bastille Networks who discovered the vulnerability. Bastille gave the manufacturers of the keyboards 90 days to address the vulnerability, but most vendors failed to respond to their findings. Newlin said only Jasco Products, a company that manufactures the affected keyboard (GE 98614) for General Electric, responded and claimed it no longer manufactures wireless devices, like keyboards. As there doesn't appear to be a way to actually fix the vulnerability, it's likely the companies will eventually consider the devices end of life.
Use a wired keyboard.
I'm fairly sure that these rely on the "signal that can barely reach my couch let alone outside my house" method of "security" :-)
In 2001 Security - Logitech Wireless Mice & Keyboards Can Be Sniffed
In 2007 Wireless Keyboard "Encryption" Cracked
And In Feb 2016 Mousejack Attacks Exploit Wireless Keyboards and Mice
And I am sure there are plenty more stories on Slashdot just on this subject
I am Slashdot. Are you Slashdot as well?
https://forums.logitech.com/t5/Keyboards-and-Keyboard-Mice/Wireless-keyboard-stream-encryption-scrambling-encoding/td-p/584316
TL;DR: Logitech devices using both Bluetooth and the unifying receiver are encrypted by default. Glad I don't have to toss out a bunch of devices.
It's like any software that comes with hardware. Printer software, camera software, random USB device software. It's always shit, written by some fucking idiot in China (nowadays it'll be their fuckwit cousin in India). When you pay for software it's usually fine, otherwise the vendor will go out of business, but the only requirement for "software that comes with hardware" is that it's legally functional; that is, it's not so useless that it allows the customer to immediately get their money back. That's a pretty low bar. It used to be limited to just those bits of hardware, but with the Internet of Shitty Cheap Things millions of people are going to experience this really, really software. I imagine Stack Overflow has already invested in the servers and SSDs required to process the sheer number of "i am having the problem reading from rest json i get the error pls fix me yes" posts.
Yes, there is.
No there isn't.
Simple encryption with a companion driver doing the decryption.
Nobody expects to install a driver to use a keyboard. So they will buy the unencrypted KB from a competitor that JUST WORKS.
It would take a fifty cent chip
Wireless keyboards are under $20 retail, about half that in bulk, and margins are thin. It is likely that the OEM isn't even making 50 cents per piece. Why should they incur that expense for near zero additional sales? Anyone that cares about security isn't using a wireless keyboard, encrypted or not.
I don't suspect that anyone ever thought that they did. Hey, my wired keyboard can be snooped on from up to a million feet above, with nothing more than a child's telescope. Good thing I'm not a target, because there's also a window nearby. Can you imagine typing on a laptop on a park bench? Martians with telescopes could see my slashdot password!
Or, they could have better things to do.
Based on my cursory Googling:
Microsoft keyboards have been broken for a while.
http://arstechnica.com/securit...
Logitech apparently actually uses 128-bit AES, though the question of how they generate their symmetric key isn't exactly answered in a way that's satisfying.
http://www.logitech.com/images...
Not sure about Dell. Couldn't find much on their keyboards with my cursory Googling. They seem to mostly rebrand other people's wireless keyboards?
And Apple keyboards all seem to be Bluetooth.
Logitech, easily as popular as Microsoft and more popular than ANY of the named brands, wasn't tested? Why not?
Their hardware is already known to be vulnerable.
If your keyboard doesn't use Bluetooth, it is certainly vulnerable.
If your keyboard does use Bluetooth, it might still be vulnerable.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Holy shit, my neighbor put up 123 different antennas directed at my rural home about two years ago. The three acre array seemed suspicious but I'm a trusting guy. Time to do away with my wireless keyboard.
Too bad Bluetooth's encryption is still so easy to break.
except for the thousands of dollars in medical expenses and lost wages when you develop carpal tunnel syndrome.
You aren't likely to develop carpal tunnel syndrome unless you're already predisposed to the condition, which is usually predicted by having a more square wrist than a more rectangular one, in addition to other anatomical features in your hand, such as its relative height and width.
And if you are predisposed to it, then lots of actions (ranging from writing to beating the captain) can cause it when repeated often.
If you aren't predisposed to it however, then you aren't likely to ever get it no matter how much you write, type, or polish the pewter.