Keyboard "eavesdropping" just got way easier, thanks to electromagnetic emanations
We always knew those electromagnetic emanations would amount to no good, and now here they go ruining any shred of privacy we once thought to possess. Some folks from the Security and Cryptography Lab at Switzerland's EPFL have managed to eavesdrop on the electromagnetic radiation shot off by shoddy wired keyboards with every keystroke. They've found four different ways to listen in, including one previously-published general vulnerability, on eleven keyboard models ranging from 2001 to 2008, with PS/2, USB and laptop keyboards all falling to at least one of the four attacks. The attack works through walls, as far as 65 feet away, and analyzes a wide swath of electromagnetic spectrum to get its results. With wireless keyboards already feeling the sting of hackers, it's probably fair to say that no one is safe, and that cave bunkers far, far away from civilization are pretty much our only hope now. Videos of the attacks are after the break.
[Thanks, Dave]
Reader Comments (Page 1 of 2)
Tony Bowman @ Oct 20th 2008 1:17PM
And the Cryptonomicon references are...GO!
Testies, Testies, 1, 2... 3? @ Oct 20th 2008 3:25PM
"All your keyboards are belong to us!"
John @ Oct 20th 2008 1:20PM
time to start carrying around a faraday cage and a very long wifi antenna.
I LOVE THE CAPS LOCK KEY @ Dec 4th 2008 1:40AM
Problem solved, convert all of your keyboard connections to fiber optic.
Hiro11 @ Oct 20th 2008 1:20PM
I came here for the Van Eck Phreaking / Randy Waterhouse / Golgotha references... I am glad to, once again, see Engadgeteers rise to the challenge.
/nods approvingly.
Taylor @ Oct 20th 2008 1:21PM
Spooky, but I feel like if they started adding encryption to the keyboard before it even transmitted the keypresses over the wire, it would eliminate this kind of attack.
-Taylor
Tony Bowman @ Oct 20th 2008 1:27PM
More likely, something like a "secure" keyboard will be marketed to governments and companies trying to protect trade and national security secrets, probably at an exorbitant price per unit, compared to what your average Instructables reader/contributor could come up with stuff from the spare parts bin.
And part if not all of me thinks that this is the whole point of a lot of this type of "security" research. "Find an ultraobscure vulnerability, not for research, but to market a product."
There's a lot of value in security research, but it always seems so...dirty on both sides of the equation in the final analysis.
OneLove @ Oct 20th 2008 2:20PM
$$$$
xocoatl @ Oct 20th 2008 3:26PM
encryption can be cracked... but how about transmitting data by cheap audio fiber optic wire
Aguiluz @ Oct 20th 2008 3:59PM
If I were to protect myself...
1. Plug in laptop to power supply and place near keyboard.
2. Put AC adaptor for modem near keyboard.
3. Put printer AC adaptor near keyboard.
4. Put AC-powered alarm clock near keyboard.
5. Put Playstation 2 adaptor near keyboard.
6. Put AC-powered piece of crap LCD TV near keyboard. (My LCD TV creates a helluva lot of noise).
7. All devices make many of a interference.
8. Interference preventing recognizing signalling from keyboard.
9. Profit?
These are the things I have in handy in my room so I use them.
Jagster @ Oct 20th 2008 5:32PM
New security requirements:
1) Type faster than 1 keystroke per second, or 2) Use a monitor to see what you are typing, or 3) Use a computer like you normally use a computer (Connected to power, with a monitor, with nearby speakers|telephone|cell phone|mouse)
adaminc @ Oct 20th 2008 9:36PM
As xocoatl mentioned, the best way would be to make fiber optic keyboards, which will probably happen with USB 3 as I have heard it will have fiber optics in it.
bigdoggie @ Oct 20th 2008 1:22PM
Time to wrap my keyboard in a faraday cage..
Alexandre Emond @ Oct 20th 2008 1:28PM
And your complete workstation...
nerdtalker @ Oct 20th 2008 1:35PM
Or apparently just plug your laptop into its DC power supply, or use a CRT monitor, or the PSU in a desktop, or generate some EM noise on the same band as the keyboard.
Note how they were very careful to isolate the keyboard from any potential source which would contaminate the signal. Therein lies how to secure the system; obscure it in noise and suddenly the keyboard presses are indistinguishable from noise.
bigdoggie @ Oct 20th 2008 5:24PM
Don't keyboards generate electromagnetic fields at a different frequency than CRTs, etc?
matt @ Oct 20th 2008 1:27PM
seems cool, but limited. they took every precaution to make sure there was no signal bleed from other sources, so what is the chance that anyone types on a keyboard with power but no power, audio, or video cables near it?
Josh @ Oct 20th 2008 1:40PM
I was thinking the same thing. Wouldn't this pick up other sources as well? Even if it doesn't, what about in an office setting or coffee shop where there are multiple keyboards typing at once, it would just get a jumbled mess of letters and numbers, right?
R1cebrner @ Oct 20th 2008 1:42PM
Or in an office that has 400 different keyboards all typing different things at the same time
Tid @ Oct 20th 2008 1:48PM
and at a rate of one keystroke per second..?
Tyler Ransom @ Oct 20th 2008 2:39PM
This doesn't mean that picking up on your typing is not possible with a monitor or PSU plugged in. This is merely an experiment. Refinement of the signals would more than be possible to do I'm sure.
Normal @ Oct 20th 2008 3:08PM
I gathered that they removed all that equipment so that there was no way they could cheat this proof-of-concept video. For example, they unplugged it from the PC so that they couldn't have it secretly running and transmitting all the keystrokes wirelessly.
b @ Oct 20th 2008 3:32PM
Hmm... a phased array of antennae would help distinguish signals from several sources. Seems the slow speed of the 'capturing' could be due to the large amount of data that needs to be ADC'ed and saved before being processed, and the processing itself. I'm sure that, with sufficient funds, typing from multiple sources at 'normal' typing speed should be quite achievable.
Scott @ Oct 20th 2008 1:38PM
Seems easy to thwart this .. simply apply an RF choke on your wired kb. As simple as passing the cable through a small coil.
Taylor @ Oct 20th 2008 2:22PM
i doubt it. even laptop keyboards were vulnerable, and they don't have a cord at all.
-Taylor
Chris @ Oct 20th 2008 1:39PM
Oh my god, the one keyboard they displayed, the black curved one, is the one I have. (I think o.O)
Chris @ Oct 20th 2008 1:43PM
Never mind, I went back and watched and paused it super fast so it was like frame by frame. Also, it looks like they tested those flat Apple keyboards. It's at 2:47 and has a white USB cord.
blarvh @ Oct 20th 2008 5:17PM
I think almost all wired consumer keyboards are vulnerable.
That's why I type on a wireless keyboard! No one can eavesdrop on logitech RF technology!! (Just kidding.)
Kosta @ Oct 20th 2008 7:09PM
lol!
Nando @ Oct 20th 2008 1:43PM
Now, not even our tin foil hats can protect us!!!
But, I agree with Matt as well. This was done in a controlled environment. With cell phones giving us cancer, wifi signals coming a dime a dozen around us, GSM phones making our old monitors twitch, and add your own...I'm sure the results would be a LOT less than perfect in the real world.
errrr...I hope they'd be..hahahaha
R1cebrner @ Oct 20th 2008 1:43PM
@ josh
we were thinking the same thing at the same time. guess I need to refresh my screen before posting replies
Carl Watkins @ Oct 20th 2008 1:49PM
Um... well so far this isn't scaring me, I never type that slow (and I don't know anyone that does), I have an LCD monitor, and I have a tower with a power supply. So I'm pretty darn safe. And it looks to me like anyone who types with their screen up on their laptop, or with it plugged in, is safe too.
John @ Oct 20th 2008 1:50PM
Scary!!! Lucky my keyboard wasn't on there.
Tim @ Oct 20th 2008 1:52PM
This has been done before...Look up TEMPEST on Wikipedia. http://en.wikipedia.org/wiki/TEMPEST
There is even a standard to test to for protection against this sort of attack.
john @ Oct 20th 2008 3:14PM
I was just about to post about tempest too. Saw this article (on Cnet or Slashdot) as well this morning. How soon people forget about old exploits.
Move along people, there's no news here, just a rehash of 30 year old security vulnerabilities.
Bert @ Oct 20th 2008 1:56PM
Good thing it can't detect typing on my iPhone!
/i keed, i keed!
chansthename @ Oct 20th 2008 4:57PM
too bad even you can't detect typing on your iphone
__smooth__ @ Oct 20th 2008 2:05PM
I wouldn't be surprised if the government would stand up and acquire (READ: copy) this kind of technology, and given their resources, manage to shrink all that paraphernalia into a simple laptop (or close to it, at least) and a small antenna. However, the software able to decode the keystrokes at a fast pace whilst filtering all the noise sources is miles away.
rand @ Oct 20th 2008 2:11PM
No wonder Switzerland wisely stays out of wars. This technology has been around since the 1960's. Tim above is correct. TEMPEST is real and it has been part of electronics certifications for some government projects for decades.
Juaquin @ Oct 20th 2008 2:16PM
You guys can joke, and on most levels this isn't an issue. But for some uses this is a serious security concern that shouldn't be taken lightly - encrypted passwords mean nothing if you can read raw key data by just sitting outside a bank (government agency) in your car (van).
scuba_steve @ Oct 20th 2008 2:26PM
I saw my first "tempested PC" (a Mac actually) in 1991 in the Pentagon. You cannot believe the amount of shielding inside that machine. The mouse cord alone was 3/8" diameter metal cabling. I was asked to put in memory by a client who knew that I liked to tinker and who authorized me to break the seals. I opened it up and was dumbfounded. It was completely unrecognizable inside. Additionally, this machine was only used in a shielded SCIF. You could go that route, but there are so many other ways for your info to be leeched...and there is no way that I am about to say how. ;-)
AC @ Oct 20th 2008 3:09PM
Saying that you don't say something is almost as good as saying it... Except that people who say that they don't say something, usually don't have anything to say anyway.
msi @ Oct 20th 2008 2:42PM
This is why I only type with the faucet on full in the background.
hal @ Oct 20th 2008 2:54PM
I was waiting to watch them type Seatec Astronomy ;)
LA Smog @ Oct 20th 2008 3:25PM
First off, they turned off and removed the equipment to prove they weren't getting the signals from other sources which is already old work that's been proven. There are a few methods to get info through either the display signal noise or power supply noise, and in fact laser printers are almost dead easy to do with the huge amount of noise they put out while printing.
Second, almost any electric device can be listened to and decoded into useful info. With the original research done years ago it was tested against monitors, keyboard, printers, mice, and whole computers.
Third, it seemed awfully convenient that the program ran just long enough to print out exactly what they typed. I am not saying they can't do it (this is also already old hat), but it seems strange the way the system ran.
nickmich.school @ Oct 20th 2008 3:27PM
These are very interesting exploits. I wonder though, as many others have stated, what the feasibility of these attacks would be in a normal environment that is not set up to avoid experimentation errors (i.e. the real world lol). Keyboards are clearly located in areas with lots of other electronics around and turned on, and people today type much faster than the depicted situations. Wouldn't that have a major effect on acquiring the signals in order? Just a thought..
adaminc @ Oct 20th 2008 9:31PM
I would think that multiple devices being used at the same time would be the biggest problem. The signals would mingle and the data would be corrupted.
I think PS/2 would be more of a problem given that its specifications give more leeway in how data is transmitted, the frequency range is something like 10kHz to 16.7kHz, imagine having 100 keyboards all blasting out signals that are essentially sweeping across that range, hell, even 2 would be a mess.
USB is more strict on a per device basis, but it is more prevalent in today's world, and I could see people having multiple devices at their desk alone, all blasting out signals that would "co-mingle".
paperless @ Oct 20th 2008 3:32PM
pft... the miraculous device they use on prison break to get the cylla cards' data is way cooler :P
james @ Oct 21st 2008 12:38AM
yeah.. that's what i was thinking !! haha
Kai @ Oct 20th 2008 4:12PM
Hey maybe they can have a new USB gadget... one that spews out similar (but random) electromagnetic waves as that of the keyboard, in order to cause interference (it would have to cater to different keyboards though, I think).