Microsoft's Wireless Keyboard: A Threat to Your Security
How an Eavesdropper Decodes Every Data Sent from Wireless Keyboard
Consider a scenario, where a sneaky eavesdropper would like to find out his/her neighbors' conversation who has just installed a new Microsoft wireless keyboard. The eavesdropper is aware of his/her neighbors' email address and only needs to know the password. Luckily, the eavesdropper is aware of the radio frequencies and knows how to crack it. She/he sets up the antenna and interferes with the wireless frequency. A moment later, he/she decodes every data being sent from the wireless keyboard and finally get access to his/her neighbors' email account.
Microsoft's wireless keyboards work on a 27 MHz frequency band in order to communicate with the base station and Dreamlab technologies have found a way to sniff the data traffic being sent through it. In a demonstration, they showed how easy it was to crack the encryption used in Microsoft's wireless products. After a deep analysis, they found out that the encryption algorithm used in Microsoft wireless keyboard was very poor and keys like Alt and Shift were sent out as plain text without any encryption. The encryption on normal keys involved a simple XOR mechanism where the keys contained a random 1 byte value determined during the initial sync with the receiver. So, if you are able to detect the handshake protocol, you can easily decrypt the keystrokes as there are only 256 possible encryption keys available. Using a dictionary or a brute force attack, you can check all the possible combinations just after receiving 20-30 keystrokes.
With this technique in mind and knowledge of radio frequency, it is very easy for a developer to build a wireless keyboard logger for Microsoft's wireless keyboards that could pick up every keystroke sent from the device.
Keyboards or devices that use Bluetooth are not susceptible to such attacks. Microsoft's wireless keyboard series 1000, 2000, 3000 and 4000, suffer from this poor encryption technique and are vulnerable to attack.
Before purchasing a new Microsoft wireless keyboard, review about it on the Internet and make sure the model you are purchasing does not suffer from the poor encryption algorithm implemented in the earlier series of the product.
Source:
"27 Mhz Keyboards Insecurity" DreamLab
Published by Harsh Gupta - Tech Writer
I am a part time freelancer and writing is my hobby Some of my websites: http://www.GenericArticles.com http://www.JailBreakingiPhone.com View profile
- Simple Steps to Wireless SecuritySimple security steps leverage ease of installation of a small office/home office wireless network and protect your data against attacks on your computer privacy.
Review of Microsoft Windows 7With Windows Vista having been a big mistake, some would say, what does the testing version of Microsoft's newest Operating System bring to the table, as far as the casual user...
ASUS EEE PC Compact NotebookThis a a review of the ASUS EEE PC, a lightweight compact notebook system that starts at $299 and weighs around two pounds- Micro Innovations Wireless Keyboard and Mouse ReviewMicro Innovations wireless keyboard and mouse combo is a cheap luxury, at a price of approximately 30 dollars. Micro Innovations products are also guaranteed for life, which is more than can be said about most things...
- The Dangers of Poor Wireless SecurityA brief look into wireless security and how using old technology can leave your wireless network open to attacks and compromise.
- Wireless Security Issues
- Introduction to Wireless Networking
- Protect Your Home with a Wireless Security System
- Review: Microsoft Wireless Optical Desktop 1000, Wireless Keyboard and Mouse
- Microsoft Keyboard with Spillproof Technology Gets Two Thumbs Up
- How to Setup Wireless Networking in Your Home
- Using Remote Security Cameras with Your Wireless Computer Network
- Microsoft's Wireless Keyboard is a Security Risk.
- Microsoft's wireless keyboards work on a 27 MHz frequency band .
- Keyboards or devices that use Bluetooth are not susceptible to such attacks.