Swiss researchers say they can log keystrokes from Microsoft’s wireless keyboards from up to 50 metres away using special radio equipment, and are close to being able to control affected computers remotely.
The protocol for securing some of Microsoft’s wireless keyboards has been cracked, opening up the possibility of keystroke logging, according to Swiss security company Dreamlab Technologies.
Microsoft’s Wireless Optical Desktop 1000 and 2000 keyboards communicate by transmitting radio signals to the sound card in a user’s computer. The data stream is encrypted using an exclusion-or (XOR) cipher, which is not strong enough to secure the communication, according to Dreamlab’s senior security specialist, Max Moser.
“This is nothing like a crypto-algorithm,” Moser told ZDNet Australia sister site ZDNet.co.uk. “An exclusion-or binary is really a simple mathematical idea. You can crack the cipher by hand. You take two values, write both lines and look at the different digits. When either the top or the lower line is 1, you write 1. If both are 0, you write 0. For me, this is just obfuscation [rather than encryption].”
Dreamlab started their cracking efforts six months ago. They first identified the radio frequency used by the keyboards. They then used a piece of copper wire to intercept the signal, which is effective to a range of 10 metres, including through walls and floors.
Hack, Keyboard, Keylogger, Microsoft, Spyware, Wireless, Frequency, Wireless Keyboard, Peripherals, Wireless Optical Desktop