Microsoft wireless keyboard hacked from 50 metres - Linux

This is a discussion on Microsoft wireless keyboard hacked from 50 metres - Linux ; Swiss researchers say they can log keystrokes from Microsoft's wireless keyboards from up to 50 metres away using special radio equipment, and are close to being able to control affected computers remotely. The protocol for securing some of Microsoft's wireless ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Microsoft wireless keyboard hacked from 50 metres

  1. Microsoft wireless keyboard hacked from 50 metres


    Swiss researchers say they can log keystrokes from Microsoft's
    wireless keyboards from up to 50 metres away using special radio
    equipment, and are close to being able to control affected computers
    remotely.

    The protocol for securing some of Microsoft's wireless keyboards has
    been cracked, opening up the possibility of keystroke logging,
    according to Swiss security company Dreamlab Technologies.

    "This is nothing like a crypto-algorithm," Moser told ZDNet Australia
    sister site ZDNet.co.uk. "An exclusion-or binary is really a simple
    mathematical idea. You can crack the cipher by hand. You take two
    values, write both lines and look at the different digits. When either
    the top or the lower line is 1, you write 1. If both are 0, you write
    0. For me, this is just obfuscation [rather than encryption]."

    .... "Range is not a problem," said the security specialist.

    But Moser said that, although he could log keystrokes, he hadn't yet
    been able to take control of a compromised computer remotely, because
    there were still some parts of the keyboards' protocol that were
    unknown to him. Because the protocol is proprietary to Microsoft,
    meaning the researchers do not have access to the source code, they
    decided to analyse the data on a binary level, rather than use reverse
    engineering.

    "The real challenge was to understand the keyboard protocol," said
    Moser. "With 40 bytes per keystroke, it's difficult to understand
    which [byte] holds the data. From the binary stream, we built the data
    into meaningful sets and groups."

    Microsoft's director of security response, Mark Miller, said the
    company was investigating Dreamlab's claims. He said Microsoft was
    unaware of any attacks exploiting the claimed vulnerability or any
    customer impact.

    "We will take steps to determine how customers can protect themselves
    should we confirm the vulnerability," Miller added.


    http://www.zdnet.com.au/news/securit...9284328,00.htm

  2. Re: Microsoft wireless keyboard hacked from 50 metres

    On Thu, 6 Dec 2007 15:49:14 -0800 (PST), "nessuno@wigner.berkeley.edu"
    wrote:

    >
    >Swiss researchers say they can log keystrokes from Microsoft's
    >wireless keyboards from up to 50 metres away using special radio
    >equipment, and are close to being able to control affected computers
    >remotely.


    Good.
    Maybe now they can prove that Roy Culley and Robert Parsonage are the
    same person, amongst others.

  3. Re: Microsoft wireless keyboard hacked from 50 metres

    ____/ nessuno@wigner.berkeley.edu on Thursday 06 December 2007 23:49 : \____

    > Microsoft's director of security response, Mark Miller, said the
    > company was investigating Dreamlab's claims. He said Microsoft was
    > unaware of any attacks exploiting the claimed vulnerability or any
    > customer impact.


    My supervisor has some keyboards just like that and another 'vulnerability'
    these have is setup difficulty. At some stage I think he spent hours just
    trying to get this to work (despite prior experience). I can't recall if he
    reached out for the IT staff at the end, but this was somehow resolved. They
    say that Microsoft has a notoriety when it comes to making its own products
    compatible with one another (examples: Zune-Vista, IE7-Frontpage).

    Windows -- when you can spare time tinkering with point and click menus that do
    nothing and aren't verbose enough to say what's wrong...

    --
    ~~ Best of wishes

    Roy S. Schestowitz | Microsoft's Counter-Supportive Evangelist (MCSE)
    http://Schestowitz.com | GNU is Not UNIX | PGP-Key: 0x74572E8E
    roy pts/2 cg093a.halls.man Wed Dec 5 11:01 still logged in
    http://iuron.com - proposing a non-profit search engine

  4. Re: Microsoft wireless keyboard hacked from 50 metres

    Roy Schestowitz espoused:
    > ____/ nessuno@wigner.berkeley.edu on Thursday 06 December 2007 23:49 : \____
    >
    >> Microsoft's director of security response, Mark Miller, said the
    >> company was investigating Dreamlab's claims. He said Microsoft was
    >> unaware of any attacks exploiting the claimed vulnerability or any
    >> customer impact.

    >
    > My supervisor has some keyboards just like that and another 'vulnerability'
    > these have is setup difficulty. At some stage I think he spent hours just
    > trying to get this to work (despite prior experience). I can't recall if he
    > reached out for the IT staff at the end, but this was somehow resolved. They
    > say that Microsoft has a notoriety when it comes to making its own products
    > compatible with one another (examples: Zune-Vista, IE7-Frontpage).
    >
    > Windows -- when you can spare time tinkering with point and click menus that do
    > nothing and aren't verbose enough to say what's wrong...
    >


    The same issue applies to British Passports with the SSID chip in them.
    Criminals will be able to scan you in crowds with the greatest of ease,
    the things are a huge risk to personal safety.

    --
    | Mark Kent -- mark at ellandroad dot demon dot co dot uk |
    | Cola faq: http://www.faqs.org/faqs/linux/advocacy/faq-and-primer/ |
    | Cola trolls: http://colatrolls.blogspot.com/ |
    | My (new) blog: http://www.thereisnomagic.org |

  5. Re: Microsoft wireless keyboard hacked from 50 metres

    ____/ Mark Kent on Friday 07 December 2007 15:10 : \____

    > Roy Schestowitz espoused:
    >> ____/ nessuno@wigner.berkeley.edu on Thursday 06 December 2007 23:49 : \____
    >>
    >>> Microsoft's director of security response, Mark Miller, said the
    >>> company was investigating Dreamlab's claims. He said Microsoft was
    >>> unaware of any attacks exploiting the claimed vulnerability or any
    >>> customer impact.

    >>
    >> My supervisor has some keyboards just like that and another 'vulnerability'
    >> these have is setup difficulty. At some stage I think he spent hours just
    >> trying to get this to work (despite prior experience). I can't recall if he
    >> reached out for the IT staff at the end, but this was somehow resolved. They
    >> say that Microsoft has a notoriety when it comes to making its own products
    >> compatible with one another (examples: Zune-Vista, IE7-Frontpage).
    >>
    >> Windows -- when you can spare time tinkering with point and click menus that
    >> do nothing and aren't verbose enough to say what's wrong...
    >>

    >
    > The same issue applies to British Passports with the SSID chip in them.
    > Criminals will be able to scan you in crowds with the greatest of ease,
    > the things are a huge risk to personal safety.


    Phones:

    Cryptome: NSA has access to Windows Mobile smartphones

    http://blogs.securiteam.com/index.php/archives/1028

    Hardware:

    Chip Design Flaw Could Subvert Encryption

    http://www.crm-daily.com/story.xhtml...d=11200BH5USIO

    Operating systems/PC:

    How NSA access was built into Windows

    http://www.heise.de/tp/r4/artikel/5/5263/1.html

    Networks:

    Did NSA Put a Secret Backdoor in New Encryption Standard?

    http://www.wired.com/politics/securi...tymatters_1115

    Many more references exist, so that's just a short take. Today's computing
    equipment seems to be broken by design. Lack of transparency enables this.
    Digital slavery via DRM and related technologies; Digital surveillance via
    weak protocols.

    You know, if you were to point it out to some companies/authorities, they would
    fail (or refuse) to even see anything /wrong/ with this.

    --
    ~~ Best of wishes

    Roy S. Schestowitz | How I learned to stop worrying and love GNU/Linux
    http://Schestowitz.com | Free as in Free Beer | PGP-Key: 0x74572E8E
    Cpu(s): 27.4%us, 4.4%sy, 1.0%ni, 62.4%id, 4.4%wa, 0.3%hi, 0.2%si, 0.0%st
    http://iuron.com - semantic engine to gather information

+ Reply to Thread