lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Nov 2007 17:27:03 +0100 From: "Max Moser" <max.moser@...il.com> To: bugtraq@...urityfocus.com Subject: 27Mhz based wireless security insecurities - Aka - "We know what you typed last summer" Dear Listmembers, Today the team remote-exploit.org together with Dreamlab Technologies likes to release another piece of uniq research work. Although the trend in wireless communication in peripheral devices such as keyboards and mice is moving towards Bluetooth, market leaders such as Logitech and Microsoft rely on cost-efficient, tried-and-tested 27Mhz radio technology. Using just a simple radio receiver, a soundcard and suitable software, the remote-exploit.org members Max Moser & Philipp Schroedel have managed to tap and decode the radio frequencies transmitted between the keyboard and PC/notebook computer. Although manufacturers of wireless keyboards partially prevent data from being tapped by using cryptography, unfortunately the encryption is weak and thus does not offer real protection. During the test, we succeeded in eavesdropping traffic from a distance of up to ten meters. With the appropriate technical equipment, larger distances are possible. For further information/whitepaper and a demonstration of the attack checkout: http://www.remote-exploit.org or http://www.dreamlab.net. In addition you can find the official non-technical press release from Dreamlab Technologies at: http://www.remote-exploit.org/Press_Release_Dreamlab_Technologies_Wireless_Keyboard.pdf Max Moser & Philipp Schroedel Dreamlab Technologies AG / Team remote-exploit.org
Powered by blists - more mailing lists