Wireless keyboard security

Filed under:Hardware — posted by Consultant on April 1, 2008 @ 1:07 pm

Recently a new thread in the pentest mailing list (pen-test@securityfocus.com) related to wireless keyboard security was started. Quite interesting given that several different responses included a wide range of resources. So I thought I would grab them all and store them somewhere (here) for the future in case I ever need it.

The thread can be found online here:

http://www.securityfocus.com/archive/101/490080/30/0/threaded 

The links include:

http://www.wartyping.com/  and http://www.wartyping.com/?page=links

WarTyping is the act of location, and interception of radio signals transmitted by wireless keyboards onto the public airwaves by driving / walking around with the appropriate equipment.”

http://www.symantec.com/enterprise/security_response/weblog/2007/12/why_did_my_nextdoor_neighbor_e.html Why Did My Next Door Neighbor Erect a 50-Foot Radio Antenna? Wireless keyboards have been around for several years. After developing the first series of infrared devices, vendors have developed radio-based keyboards that run at 27 MHz.

http://seclists.org/basics/2005/Mar/0420.html

Security Basics: Wireless Keyboard Security

http://seclists.org/fulldisclosure/2008/Mar/0162.html

Full Disclosure thread: Wireless keyboard insecurity - any secure one available?

http://www.zdnet.com.au/news/security/soa/Microsoft-wireless-keyboard-hacked-from-50-metres/0,130061744,339284328,00.htm

Microsoft wireless keyboard hacked from 50 metres

http://www.dreamlab.net/download/articles/27_Mhz_keyboard_insecurities.pdf

27 MHz Keyboard Insecurities

http://www.remote-exploit.org/advisories/27Mhz_Analyzing.pdf

Analyzing 27 MHz keyboards

Later,



image: detail of installation by Bronwyn Lace