
Boffins sniff keystrokes with lasers, oscilloscopes

Researchers have devised two novel ways to eavesdrop on people as they enter passwords, emails, and other sensitive information into computers, even when they're not connected to the internet or other networks. Exploiting vibrational patterns and electromagnetic pulses that emanate with every character entered, the Italian …

COMMENTS

This topic is closed for new posts.
Silver badge
Stop

Not New

I read about bouncing lasers off windows some 15-20 years ago. Identifying key-click patterns came not long after.

Also sometime or another I read about recognising typing rhythms - E & T are the most commonly hit keys, so people tend to hit them harder and faster.

0
0
Silver badge

Don't think I'll lose much sleep over these

The laser microphone trick is old news - published at least ten years ago, maybe more. So far, the IT world hasn't come crashing down around our ears - possibly because so many people have sound-insulating double glazing. Although there are valid reasons why secure installations don't have windows. It's just that the overwhelming majority of PCs can be cracked in easier ways, without having a van parked outside your building, attracting attention.

The stuff about minute electrical currents - yeah, well. I think I'll wait until the "can" in the article has been translated into "here's a video of it being done".

Until then, I'll keep my PS2 keyboards (and mouse) plugged in. I'm not planning on moving away from my window either.

0
0
Silver badge

USB keyboards not immune

... It's just that these blokes have not identified a hack. In principle hacking USB is not really different to PS2.

Getting PS2 keystrokes should be relatively easy since the PS2 keyboard sends a clocked data stream. That should be relatively easy to pick up so long as there are few other noise sources nearby. Of course, like with any RF or magnetic signals, it would also be almost trivial to design a jammer that just spits out a stronger RF signal sending out "Mary Has A Little Lamb...", perhaps there is a market opportunity for selling jammer keyboards or dongles to the tinfoil-hat brigade.

0
0
Silver badge

Never fear

"Imagine what a determined government agency can do."

...Waste millions of dollars on failed contracts and public enquires?

0
0

@USB keyboards not immune

More likely USB is immune because it uses differential signalling and any bounce it creates on the power supply is identical for a '1' or a '0'. PS2 is single ended.

0
0
Black Helicopters

This is why ...

... I only ever type in my password in the bathroom, with all the taps running.

0
0

@Charles Manning

They're not talking about detecting RF in the second method, that's from the other linked article, but about presumably some kind of cross talk due to the way the device is powered from the PC. Hence USB is immune.

0
0
Joke

Nerds at play

http://xkcd.com/538/

0
0
Anonymous Coward

Not hard to defeat

For electrical signals, just stick a low pass filter on your power input - like you should anyway - a decent surge arrestor would probably do. Audio? I invest in the protection of Van Halen and AC/DC - or just use an on-screen keyboard for the critical stuff.

0
0
Bronze badge

Poetic

I rather like the poetic flow of this headline, like a fragment from some odd ballad:

"Boffins sniff keystrokes with lasers, oscilloscopes - they must love the smell of those keys.

Genius weaklings with new styles of phreaking will see all your data set free..."

0
0

Want to know what someone is typing?

All you need are sharks with frikken' laser beams attached to their heads. This time, ill-tempered mutated sea-bass just won't do.

0
0
Alert

Is it me?

Line of sight?

Ever heard of a camera?

Doh.

F*cking Pointless

0
0
Heart

If the first method requires line of sight...

...then I posit there is a simpler way to capture what is being typed. Watch them type it.

0
0
Coat

Old news...

...why don't you go back to staring out the window.

0
0
Silver badge

A storm^Wtempest in a tea cup

Hasn't the EM technique been known for many years? I can certainly remember seeing demos of it, and I think there was even a TV programme demonstrating some of the techniques, although I think that was more biased towards seeing what was on a screen. However, all electronic equipment radiates, which is what the TEMPEST standard was intended to address for sensitive military and intelligence operations.

I bet you can get a USB keyboard to play, but you'd need to analyse what the microprocessor in the keyboard was doing rather than what was on the cable, so it's a bit harder.

0
0
Flame

Perfect screen

Haha! I use a revolutionary technique: no passwords, firewall or anti-virus. All of my sensitive info is lost in the terabytes of spam and virus activity coming from my infected bot-net computer!

Gotcha, you bastards!

Signed,

A government employee with access to your data

0
0
Anonymous Coward

My system is secure

I only ever type my password in the dark, with the radio turned up full and the monitor off. Unfortunately, I can't touch type, so it's been about four years since I managed to log in.

0
0
Anonymous Coward

News?

Is it? Who (genuinely into tech/hacking, older than say 15) didn't know that this was possible? In fact I'm fairly certain phrack covered this topic about 5 years ago... Ah well, fun anyway...

0
0
Black Helicopters

Countering lasers..

It's in principle picking up sounds, so make more "other" noise. For buildings where discussions are had which have to stay confidential it's not unusual to put ultrasonic transmitters on the glass which put out white noise - that makes reading it pointless.

Or they simply leave out the windows ..

0
0
Silver badge

Power grid pick-up?

PC power supplies are switch mode items that are heavily filtered before the power gets to the motherboard. I am very doubtful that sending keyboard keystroke data would cause any significant or detectable variation in current taken along the mains power lead. They say that the power grid pickup works at a distance of 15 metres so this sounds like an RF pickup method rather than a mains current consumption monitoring method.

0
0
Coat

mad as a tinfoil-hatter

I have placed my workstation inside a large tinfoil cube, which matches my hat.

0
0
Coat

I'm feeling vulnerable today

Mine's the one with the on-screen keyboard and wireless mouse. How do the spooks reconcile wet dreams with sleepless nights?

0
0
Silver badge

No USB keyboard-capture dongles yet?

Geesh. If you have access to the PC, then simply reach behind the PC and insert the discreet little USB keyboard recorder gadget with 4GB of embedded storage into the keyboard circuit, and then drop by the following week to retrieve it.

0
0
Joke

Do they know if the keyboard is set to Dvorak?

That could be fun.

0
0
Boffin

This is amazing

It's just like those guys that could sniff your password if you typed it at one character per second 30 feet away from their large dish antenna on a keyboard plugged into a laptop with the screen switched off and an external PSU.

It's really frightening what a boffin can do these days with nothing more than a research grant and a couple of joints.

0
0
Boffin

@Do they know if the keyboard is set to Dvorak?

If they're just using frequency analysis and dictionary attack to map sounds to letters, then the keyboard layout doesn't matter (but typing in a foreign language would).

(And yes I know you were just trying to be funny....)

0
0
Thumb Down

Easier Said than Done.

Just slap some equipment together and everything is at your fingertips. Yeah, right...

0
0
Thumb Down

A bit late to the party...

This was known about in World War II.... see the discovery by Bell Lab here: http://www.nsa.gov/public_info/_files/cryptologic_spectrum/tempest.pdf

A lengthier discussion is included in this document: A History of U.S. Communications Security (Volumes I and II); the David G. Boak Lectures, National Security Agency (NSA), 1973 http://www.governmentattic.org/2docs/Hist_US_COMSEC_Boak_NSA_1973.pdf

So really, what is new about this... that they can do it cheaply? The NSA had a guy lecturing on this crap 35 years ago... if these brilliant researchers can only discover it now then god knows what the NSA is talking about today!

0
0
Anonymous Coward

USB Immune?

USB is not immune because it uses differential signalling.

The benefit of using differential signalling is that higher data rates can be achieved because noise is reduced by utilising the high common mode rejection ratio of a differential input amplifier on the receiver end of the cable, any radiated noise received in the cable is common to both positive and negative signal lines because of their close proximity and twisting.

That is, the differential signalling concept is used to increase the speed of transmission.

You're still going to get radiated emissions from the cable.

The detection techniques rely on two principles:

radiated noise in the form of RF

conducted noise back up the power cable.

I think you'll find you will still get high frequency noise superimposed on the power line, albeit very small in amplitude. Sure, the power supply contains inductors, and if in series with the power line will provide a high impedance path to high frequency signals, but it's a high impedance which results in attenuation, it's not infinite attenuation.

You'd need to start adding appropriately designed filters on the power lines to suppress the conducted emissions.

If you really want to prevent people spying on you using the techniques then you need to start adopting TEMPEST principles and taking them to the extreme: everything would be housed in a Faraday cage, a big metal box, i.e. a room with no windows, metal doors with beryllium copper finger strips spaced close together down the edges of the doors to provide 100% continuity of screening.

0
0
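The disagreement above over whether differential signalling makes USB "immune" can be put into numbers with a toy model. This is an added example, not part of any poster's comment; the coupling factor, noise level and 5% leg imbalance are assumed values, and the bit stream is constructed sample data.

```python
import math
import random

COUPLING = 0.05   # assumed fraction of net signal current seen on the supply
NOISE = 0.005     # assumed RMS of unrelated supply noise

def supply_leak(bits, imbalance=None, seed=7):
    """Per-bit disturbance on the shared supply/ground (toy model).

    imbalance=None: single-ended line; a 1 drives current 1.0, a 0 drives 0.0,
    and all of it returns through ground.
    imbalance=e: differential pair; the legs carry +s/2 and -(1-e)*s/2 with
    s=+1 for a 1 and s=-1 for a 0, so only the mismatch e*s/2 is common-mode.
    """
    rng = random.Random(seed)
    leak = []
    for b in bits:
        if imbalance is None:
            net = 1.0 if b else 0.0
        else:
            s = 1.0 if b else -1.0
            net = s / 2 - (1 - imbalance) * s / 2
        leak.append(COUPLING * net + rng.gauss(0, NOISE))
    return leak

def separation(bits, leak):
    """Gap between the mean leak during 1 bits and during 0 bits."""
    ones = [v for b, v in zip(bits, leak) if b]
    zeros = [v for b, v in zip(bits, leak) if not b]
    return abs(sum(ones) / len(ones) - sum(zeros) / len(zeros))

def compare(n=4000, imbalance=0.05):
    rng = random.Random(42)
    bits = [rng.getrandbits(1) for _ in range(n)]   # constructed sample data
    single = separation(bits, supply_leak(bits))
    ideal = separation(bits, supply_leak(bits, imbalance=0.0))
    real = separation(bits, supply_leak(bits, imbalance=imbalance))
    return {"single_ended": single, "ideal_diff": ideal, "real_diff": real,
            "attenuation_db": 20 * math.log10(real / single)}

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:15s} {value:.5f}")
```

In this model a perfectly balanced pair leaves no data-dependent component on the supply, while a slightly mismatched pair leaves one that is attenuated rather than removed, which is the margin any added supply filtering has to cover.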
Anonymous Coward

Hmmm...

"everything would be housed in a Faraday cage, a big metal box, i.e. a room with no windows..."

Sounds like my old company...

I've already seen workmates complaining about the aircon not working, and that was when we were technically still in winter!

Poor buggers... Glad I left!

0
0
Anonymous Coward

Go on then, do it.

The idea that you can sniff keystrokes by their sound is all well and good under lab conditions, but the real world is a very different place.

Firstly you would need line of sight to the keyboard, hitting a surface is simply not good enough if there is more than one keyboard in the room.

Secondly it relies on people's typing technique being consistent, I'm sure this is fine for trained typists but real people are completely inconsistent in their technique - most of us don't even hit the same key with the same finger every time.

So yes I'm sure it's possible under very specific conditions, but it looks like a headline grabbing exercise to me and it's not something I'll be worrying about.

0
0