Our keyboards are insecure? PANIC!

In Tuesday's IT Blogwatch, Richi Jennings watches bloggers watch Swiss researchers watch your keystrokes from 65 feet away. Not to mention platform madness...

Jeremy Kirk reports:

Computer keystrokes can be snooped from afar by detecting the slight electromagnetic radiation emitted when a key is pressed, according to new research ... [by] Sylvain Pasini and Martin Vuagnoux, both doctoral students with the Security and Cryptography Laboratory at the Ecole Polytechnique Fédérale de Lausanne in Switzerland.
...
The researchers tested 11 different wired keyboard models produced between 2001 and 2008, including some with USB connectors and keyboards embedded in laptops. All were vulnerable to one of four surveillance methods ... various experiments shows they could monitor keystrokes from as far as [65 ft.] away.
...
They faulted cost pressures on keyboard manufacturers for not making keyboards more snoop-proof.

Dan Goodin adds:

No doubt, electromagnetic eavesdropping dates back to the mid 1980s, if not earlier. But Vuagnoux says many of today's keyboards have been adapted to prevent those attacks from working. The research shows that even these keyboards are vulnerable to electromagnetic sniffing.
...
The video demonstrations show a computer that reads input from antennas that monitor a specified frequency. In both cases, the computer was able to determine the keystrokes typed on keyboards connected to a laptop and power supply and LCD monitors were disconnected to prevent potential power transmissions or wireless communications.

Martin Vuagnoux and Sylvain Pasini écrivent:

Computer keyboards are often used to transmit sensitive information such as username/password (e.g. to log into computers, to do e-banking money transfer, etc.). A vulnerability on these devices will definitely kill the security of any computer or ATM.

Wired keyboards emit electromagnetic waves, because they contain eletronic components. These eletromagnetic radiation could reveal sensitive information such as keystrokes ... we measured the electromagnetic radiations emitted when keys are pressed.
...
We conclude that wired computer keyboards sold in the stores generate compromising emanations (mainly because of the cost pressures in the design). Hence they are not safe to transmit sensitive information. No doubt that our attacks can be significantly improved.

Dave Parrack is petrified:

Until today, I thought the only way a keyboard could be compromised was by the use of a keylogger. It seems I was wrong, and given the right equipment and technical know how, your keyboard could be vulnerable, even from a distance.
...
This scares me no end because I’m already someone who is quite paranoid about online security, hackers, and identity theft. The fact that it’s possible to have your security compromised in this way while sitting in your own house or office, and with the hackers having not ever touched your computer or keyboard in any way is the stuff of nightmares.

John Mahoney has the answer:

The researchers devised four separate methods for EM eavesdropping, which will be detailed in specifics in a paper to be released after peer review. The method for intercepting signals involves detecting the full spectrum of electromagnetic radiation emitted by a keyboard (which are unshielded to keep costs and form factors down), and analyzing the specific change in signal over a variety of wavelengths for each key press.

All the more reason to work/live in a giant Farraday cage.

And d3ac0n is already there:

This is actually easier to do than you might imagine. My old house was essentially a Faraday Cage. You could NOT get a wireless signal more then 1 foot outside it. Why? Aluminum Siding.

Add in aluminum powder tinted windows (triple layer UV and thermal glass) and the only leakage was straight up through the roof ... you could get an OK cell-phone signal on the second floor (2 bars), but almost nothing on the first floor. Walk out the front door, 4 bars. Same with WiFi. Full strength "g" signal anywhere inside, walk outside and the connection drops.

But tdc_vga calls shenanigans:

If you watch the video he sets the keyboard.eavesdropper into a listening/polling state waiting for keypress information. From there it's filtered and decoded --fine. Now the part that seemed odd to me is it exits as soon as it finds the 'e' in 'trust no one', why?

If the eavesdropper is in a polling state it should continue looking for more keypresses, unless something there are some smoke and mirrors going on.

And finally...

• Platform Madness

Buffer overflow:

• Geertjan: NetBeans Platform APIs: Top 10 Greatest Hits
• Emergent Chaos: Buffer Overflows and History: a request
• Melissa Chang: The Facebook Music mess
• Michael Hugos: What Does Joe the Programmer Think?
• Creative Chaos: Cloud Computing is the new XML

Other Computerworld bloggers:

• Preston Gralla: Google CEO: I'm for Obama
• Seth Weintraub: NVIDIA says new MacBook/Pro can do 8GB of RAM
• John Brandon: Is a Facebook Music service in the works?
• Robert L. Mitchell: Pricing still a virtualization gotcha
• Mike Elgan: Call it a 'sub-subnotebook.' New 'PC' is small as a cell phone!
• Douglas Schweitzer: Of course antivirus alone is not enough!
• Shark Tank: Another nice mess

Like this stuff? Subscribe to the RSS feed.

Richi Jennings is an independent analyst/adviser/consultant, specializing in blogging, email, and spam. A 23 year, cross-functional IT veteran, he is also an analyst at Ferris Research. You can follow him on Twitter, pretend to be Richi's friend on Facebook, or just use boring old email: blogwatch@richi.co.uk.

Previously in IT Blogwatch:

• Twin-touch-display laptops: early 2009?
• EXTRA: Eee PC 900A netbook below $300
• Ballmer throws chair at Gartner; throws bone to Yahoo!