Wired Keyboards Not Safe for Sensitive Data

by Charlotte Cardingham
Published on 21 October 2008
Related Subjects:

Research reveals that criminals could detect the exact information you type into computer keyboard from up to 20 meters away.

New research has revealed a new threat to our personal data and online security – the wired computer keyboard.

Researchers from the Security and Cryptography Laboratory in Lausanne, Switzerland, have discovered that by using a simple radio antenna it is possible to remotely identify the key strokes entered into a wired computer keyboard from a distance of up to 20 meters away.

Martin Vuagnoux and Sylvain Pasini, doctoral students at EPFL, are the brains behind the research. They discovered that by analysing the electromagnetic waves produced by individual keystrokes it was possible to interpret exactly what was being typed in real time.

The duo tested 4 different attacks on 11 different makes and models of keyboard and found each one to be susceptible to at least one assault, with electromagnetic detection possible even through walls.

As a result, the team have now condemned the suitability of many of the wired keyboards currently available on the market for use in transmitting sensitive data, blaming the poor quality of the components used for their evident vulnerability.

"We conclude that wired computer keyboards sold in the stores generate compromising emanations (mainly because of the cost pressures in the design).

"Hence they are not safe to transmit sensitive information. No doubt that our attacks can be significantly improved, since we used relatively inexpensive equipments."

It is doubtless that this research has important implications for the security of any information we key in to our computers when we make payments or access account information online. However, more worryingly still, it also has a wider reach as it suggests that criminals could potentially use such electromagnetic tracking techniques to remotely steal sensitive information as it is keyed into ATMs, Chip and PIN machines and the like.

Full details of the study are not yet available; however Vuagnoux and Pasini have released a statement accompanied by sample videos of their experiment. It is expected that a comprehensive report will soon be published in a peer review journal.

Source

Get more protecting your identity deals like this every week.
Enter your email and name below to join over 460,000 other members who benefit from our invaluable deals each week.
your email
first name
Add

Add a comment.

Login |
Sign Up
(optional)
Name:
Comment:

You have 1000 characters left
 

Refresh Image
Please enter the characters to the right
 
 
14

Your Comments

ED
on 13 Jan 2009 04:38
Intelligence communities had protected against this threat by the early 1970,s.
 
ooopinionsss
on 4 Dec 2008 05:08
How you think when the economic crisis will end? I wish to make statistics of independent opinions!
 
Offiniavy
on 8 Nov 2008 11:48
Heh. Nice. Sometimes I can't help but show you my sensitive thesis A JOKE! ) What kind of shoes do snakes wear for swimming? Water mocassins.
 
maddog
on 3 Nov 2008 15:44
I served in the Australian signals Corps in the early 90's, one unit I served in (127 sig sqn) had a 'Tempest' troop, which had an Isuzu van which used to do just this. They would travel around Defence installations and other government departments and see what they could pick up. If they got stuff they would then rectify the situation. Transient Electro-Magnetic Pulse Surveillance Technology?
 
Mark
on 2 Nov 2008 21:11
That's not new. It has been possible to pick up the radiation from PCs from a van parked outside a building with a few thousand dollars worth of equipment for at least 15 years if not longer.
 
Anon
on 24 Oct 2008 10:33
Okay so far 8 comments and nobody has gotten the point. they exploited WIRED keyboards. Not WIRELESS. they article clearly states that they pulled information through electromagnetic fields, not RF or blue tooth. Also, to my knowledge, there are no known ATMS that would use a wireles pinpad. Wireless connection, maybe, but not a wireless pin pad.
 
Stuart
on 22 Oct 2008 21:40
Thankfully I mistype stuff all the time.
 
asdf
on 22 Oct 2008 14:58
i doubt this could be done outside a lab... most areas are flooded with rf and keyboard signals would be lost or overpowered... then there's the problem of distinguishing keyboard A and keyboard B
 
inotme
on 22 Oct 2008 01:27
So what? Computers are now even less secure. I don't think we should panic because there is now one more security vulnerability. Better education is the key.
 
aaron
on 22 Oct 2008 01:23
similar things can be done to view exactly what is appearing on your screen at any time.
 
MaXiMuS
on 22 Oct 2008 01:09
but obviously wireless keyboards pose a bigger threat because they are DESIGNED to transmit, esp if all of them are follwing the same standards
 
nottings
on 21 Oct 2008 23:34
This is nothing new... the NSA has been doing this since the 80's
 
asdf
on 21 Oct 2008 23:33
don't they mean wireless?
 
GMACD
on 21 Oct 2008 22:47
The heading should read "Research reveals that government criminals could detect the exact information you type into computer keyboard from up to 20,000 kilometres away".