<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Hi Derrick,<br>
<br>
Topic keeping you up at night? J/K<br>
<br>
The answer, of course, is "it depends." The older the keyboard,
the weaker (or not at all) the encryption. Microsoft now has AES
encryption available (<a
href="http://news.techworld.com/security/3284218/new-microsoft-wireless-keyboard-gets-128-bit-encryption/">http://news.techworld.com/security/3284218/new-microsoft-wireless-keyboard-gets-128-bit-encryption/</a>).
Logitech had AES since at least 2009. Google: wireless keyboard
encryption<br>
<br>
Also keep in mind some factors that mitigate wireless snooping
risks:<br>
* transmission power - not much you can do here, but the broadcast
power is not that high - how far away does your keyboard work from
the receiver? In my experience, this is limited to about 3 feet
(usually less - a lot less).<br>
* distance to attacker's receiver - is the attacker in the same
room or in a van with a high-gain antenna parked on the street?
If you have a van parked outside, you might want to reconsider
your lifestyle :) Seriously, this year's defcon demonstrated
screen viewing by receiving the EM transmissions from the video
cable (something the US and USSR were doing 25 years ago), so
wired keyboard tapping is not too far away.<br>
* shielding - do you have objects between you and the attacker
that will absorb the transmissions? With a wired keyboard, you
can wrap the cable in a grounded coax sheath to shield the EM.
Wireless? Might have to wrap your room/house in a Faraday cage.<br>
* time - how much is your keyboard in use? More use gives the
attacker more data to capture and analyze.<br>
<br>
Just some stuff to think about. The threat is real, but the
probability is very low, unless you have other factors in your
life that would bring about the surveillance van, then the game is
up - nothing you can do will save you.<br>
<pre class="moz-signature" cols="72">Cheers!
George Toft
</pre>
On 11/8/2013 1:16 AM, Derek Trotter wrote:<br>
</div>
<blockquote cite="mid:527C9DE0.7010200@gmail.com" type="cite">
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<font face="Comic Sans MS">What kind of encryption if any is used
by wireless keyboards? Seems to me that a wireless keyboard is
a potential security issue. After all, all sorts of usernames
and passwords would be broadcast by one. This would just make
the NSA's or any other group of bad guys' job easier.</font><br>
<pre class="moz-signature" cols="72">--
"I get my copy of the daily paper, look at the obituaries page, and if I’m not there, I carry on as usual."
Patrick Moore</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">---------------------------------------------------
PLUG-discuss mailing list - <a class="moz-txt-link-abbreviated" href="mailto:PLUG-discuss@lists.phxlinux.org">PLUG-discuss@lists.phxlinux.org</a>
To subscribe, unsubscribe, or to change your mail settings:
<a class="moz-txt-link-freetext" href="http://lists.phxlinux.org/mailman/listinfo/plug-discuss">http://lists.phxlinux.org/mailman/listinfo/plug-discuss</a></pre>
</blockquote>
<br>
</body>
</html>