Alarm sounded over wireless keyboard sniffer
'Cock-a-doodle-do', clucks Symantec.
By John E Dunn | Published: 15:21, 09 June 2009
Security vendor Symantec is so concerned about the potential misuse of a new wireless keyboard sniffer it has put out a warning about the technology.
‘Keykeriki' - a play on words derived from the Italian onomatopoeia for the sound made by a cockerel -is the work of the Remote-Exploit.org , a semi-commercial group that has been working on the open source project for nearly two years.
The group claims the hardware and software combination can intercept the keystrokes from all Microsoft wireless keyboards using 27Mhz wireless radio transmission frequency by analysing electromagnetic patterns, and said it was working on doing the same for rival Logitech keyboards very soon.
What this means is that pressing keystrokes entered on a wireless keyboard could be ‘sniffed' from a distance up to around 10 metres, in theory giving criminals access to data such passwords and user names. Although the project has been in the open for some time, Symantec has only recently become concerned enough to now recommend that users in security-conscious environments return to using wired keyboards.
The apparently simple answer to the hack is encryption, but that ignores the fact that Bluetooth and radio-based keyboards already use encryption, albeit in a weak form - the sniffer is intercepting tiny electro-magnetic fluctuations as the keys are pressed, not as they are transmitted.
The principle has been understood for some time, as research released by a team at the Ecole Polytechnique Fédérale de Lausanne in Switzerland demonstrated last October.
The answer is either to introduce enough signal noise around the keyboard, use a wired keyboard (although this might also not be secure) or build in virtual keyboards for use when entering secure data. There is no sign that Windows 7 will come with such a utility, but perhaps it should.
The main component, the hardware, had yet to be finalised or put into a form that can be manufactured. The creators of Keykeriki say they will add an LCD to read keystrokes, a GPRS transmitter and even an iPhone ‘interface'.
What if the group's motivation for producing such a system? Officially, Remote-Exploit.org describes it in the following rather disingenuous terms on its website "This open source hardware and software project enables every person to verify the security level of their own keyboard transmissions, and/or demonstrate the sniffing attacks (for educational purpose only)."
More likely, the group are demonstrating their security expertise as a way of getting other work. The chances of producing the required hardware in saleable form look (unpun), remote. Symantec's anti-malware software is not known to have any means to block or detect such sniffing, though it is possible that an electrical ‘anti-sniffer' could be developed to detect the Keykeriki interception.