Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Security Community Blog

Wireless Keyboard Vulnerability

Created: 09 Jun 2009
khaley's picture
0 0 Votes
Login to vote

 If you get the right kind of satellite dish you can grab signals that float through the air and see live network broadcast feeds. Cell phones send data through the air and with the right equipment you can snag it as well. Our voices travel through the air on their own and you can buy a device in the back of an airline magazine to capture the sound and ease drop on conversations. Now a group has released an open source kit to allow someone to capture the keystrokes from a wireless keyboard. See here: gizmodo.com/5279087/keykeriki-open-source-wireless-keyboard-sniffer

It’s promoted as a tool to verify security and to demonstrate sniffing attacks. Fun at parties too, I have no doubt. But what is getting people upset is that it could be used by bad guys to capture what you type into your computer.

It should be pointed out that there are quite a few ways to do that today. Keystroke loggers are unfortunately a fact of life in today’s threat landscape. We see software version of keystroke loggers by the thousands.

This new method, the KeyKeriki, is software and hardware based. And because it’s capturing the wireless communication between the computer and the keyboard, it doesn’t require planting any software on the computer.

I don’t like this thing. But it’s there. And if the release of this tool kit raises visibility on this vulnerability and pushes wireless mouse and keyboard manufactures to make the communication more secure, then overall it’s a positive development. But mainly, I don’t think this is quite the end of the world scenario that some people seem to think it is. It’s just one more option that bad guys have, and maybe not that great a one. Let’s take one scenario that been thrown around; it shows that people have not really thought this through.

The bad guys set one of these up at an airport. Everyone working on computers in the departure areas of an airport are now vulnerable to having their keystrokes captured. Well, actually, setting up a router and pretending to offer free internet access is the same amount of effort. I can’t think of any advantages a keyboard sniffer would bring to this scenario. And really, I have never, ever, seen someone with a wireless keyboard at the airport. Laptops seem more practical when you need a computer to work on the go. I mean a laptop fits on your, well, lap.

So any hacker would need to think things through before choosing this as a “solution.” Here’s what they would need to consider:

Physical access. Someone has to put this box near the keyboard (I don’t know the exact range, but let’s assume it not unlimited). So the bad guy will need physical access to a build, or have one of those panel trucks they could park outside the building.

Scalability. Am I going after one person or as many as I can get? If I need to plant hardware I’m only going after those in physical range. Unless I’m targeting a specific person, a software solution seems like a better bet. If it’s a volume game, harvest passwords from as many people as I can, a keystroke logger is the practical solution. It doesn’t make sense to run around town hiding hardware all over the place.

So who might become users of this sort of tool? People who want to spy on someone. It a one-on-one attack. For all the reasons above I don’t believe this would be government agencies. It’s a heck of a lot easier to email your target a Trojan then to mail them a box that says “Don’t open and please store under your desk.” And frankly I think if they wanted this type of technology they already have it. They’re not building open source kits.

Private detectives or Spies-for-hire with limited resources and budgets maybe. They can have their gadget guy build them one, or someone may create a small business building and reselling the thing. "For testing and amusing your friends, ot to be used as a device for spying," the ad will say. A software solution would be cheaper and easier to get installed. But if you can solve the physical access problem and come up with a good hiding space for the device this may avoid the problem of detection by a security product on the computer.

Possible a hobbyist who wants to spy on a spouse or girlfriend. Again, it seems like a lot of trouble when a software solution would be simpler. And for a spouse or girl friend it’s probably even simpler to get software loaded onto the PC. Most of these stalkers have access to the computer. They may even be sharing it with the person they’re spying on.

I don’t want to belittle the threat to people being spied on. But realistically, most of us shouldn’t be tremendously concerned about this development. The threats to us will still be software based and protection can be had with a good security software package. But if you are concerned, by all means get a keyboard with a wire.