Security Response

Wireless keyboards have been around for several years. Afterdeveloping the first series of infrared devices, vendors have developedradio-based keyboards that run at 27 MHz.

Researchers Max Moser and Phillip Schroedel of Dreamlab Technologiesrecently released a report stating that various 27MHz keyboard devicesare prone to an information disclosure vulnerability due to weakencryption (BID 26693).These devices include Microsoft’s Wireless Optical Desktop 1000 and2000 models. The researchers also claimed that the 3000 and 4000 modelsas well as other 27MHz-based wireless laser desktop series may also bevulnerable, but this has not been confirmed.

The researchers managed to break the encryption on these devices.They claim that Microsoft uses an 8-bit XOR mechanism to encryptwireless keystroke data. This means that there are only 2^8 or 256possibilities for the encryption key, which can easily be brute...