Skip to main content

Wired Keyboards Remotely Hacked From 20 Meters Away

LASEC, the Security and Cryptography Laboratory, claimed to have found four different ways of remotely capturing keystrokes from wired keyboards from a distance of up to 20 meters away. The keystrokes can be captured through walls, making vulnerable the security of many computers and even possibly ATMs.

The approach used works on the theory that when a key is pressed on a wired keyboard, it produces electromagnetic emanations. This electromagnetic radiation can be acquired and captured with the use of an antenna, which can then be analyzed. Four different methods had been tested, including the Kuhn attack, although not much information on the other methods have yet been provided. It was claimed that the attacks could be significantly improved, as the equipment used in the experiment was relatively inexpensive.

Eleven different wired keyboard models were tested, including PS/2, USB and laptop keyboards, all of which were vulnerable to at least one of the four different methods used. Apparently the reason these keyboards generate the compromising emanations is mostly “because of the cost pressures in the design.” More information regarding these attacks will soon be published, although the paper is still undergoing peer review. For the time being however, there are two videos being hosted that demonstrate the attacks.

From the videos, it looked as if the antenna being used in one of the demonstrations was rather large and not very inconspicuous, nor did it seem as if the keystrokes could be captured at a high rate of speed. However, with banking machines using wired keyboards, it may be possible for a truck to park nearby an ATM and remotely capture private information entered into the ATM, such as a customer’s PIN. No longer it seem is just avoiding wireless keyboards enough to ensure security, as even wired keyboards now need protection, such as electromagnetic shielding.

  • OH WOW!
    ...this technology has been around for about 20 years couting from now.
    it not only enables the keystroke capturing but also video capture from crt monitors anyway LASEC is the first non-military organization to develop this technology.
    Reply
  • computerninja7823
    dang, now i feel more unsafe about using this keyboard..........
    Reply
  • I'm the first :D
    Don't care if you rate this comment negatively!
    Reply
  • dang,I'm not....
    Still,pretty amazing what they can do!
    Reply
  • They didn't do the test on powered PC's and laptops...
    Wanted to see if laptops where safe...
    Reply
  • jhansonxi
    It's been proven that the sound of keyclicks can also be correlated to specific keys and used for snooping.
    Reply
  • stakt21
    Interesting someone is reporting and testing this type of stuff after so long. The military has been on top of this for 40+ years. They call it EMSEC. (Emanations Security) Equipment that comes in contact with any Classified information goes through TEMPEST tests and/or has to meet certain regulations that remove the likelihood that these "compromising emanations" will be intercepted. For example: separating Classified and Unclassified equipment/cables/etc, and having these items in a controlled area.
    Reply
  • T-Bone
    I don't understand why they remove the monitor, cpu, and power supplies from the tests? That's a pretty large & bulky antenna to use "stealthily" (not 2 mention all of the other bulky equipment they're using.) I think that with all of the other ambient signals ALL over the place, it would still be pretty difficult to capture stuff from ATMs (which usually use milspec stuff anyways) or from business or home environments. Also, who the f types at that speed?
    Reply
  • Caffeinecarl
    This is scary... I'm afraid, VERY AFRAID.
    Reply
  • ceteras
    I wonder, considering the amounts of power a cpu needs to operate, how far would reach the electromagnetic radiation emited by cpu or by it's power traces?
    That signal is in a ultra-short wavelength and is somehow related to all the machine does. it could reach far enough to get intercepted. not sure how hard it would be to decode.
    Reply