Podcasting What Geeks Really Want To Hear

Thursday, December 6, 2007

From:  http://www.hackaday.com/2007/12/02/wireless-keyboards-easily-cracked/

The “encryption” used on each regular keystroke involves XORing the key against a random one byte value determined during the initial sync with the receiver. So, if you sniff the handshake, you can decrypt the keystrokes. You really don’t have to though; there are only 256 possible encryption keys. Using a dictionary file you can check all possible keys and determine the correct one after only receiving 20-50 keystrokes

What I don’t get is this – who thinks this is good encryption for the real world? Yeah, an XOR is a nice and easy obfuscation, but is it not encryption!

As an industry, we really have to get our heads out of asses on this. Wireless communication is being used more and more in production environments and this shit is often way too easy to hack.

posted by Nem W Schlecht at 10:54 in General,News    

6 Comments »

  1. I would be so easy to bash M$ here but I dont think I well. Im just glad Im ‘old school’ and stick to wired stuff, Ive had to wireless the network because of my mother but its wpa’d up.
    Out of interest, if someone did have this (or a similer) keyboard is there a way of enhancing the encryption on it? Such as software on the pc?

    Comment by Pazy — December 6, 2007 @ 20:36

  2. I hope theres more listeners than commenters lol

    Comment by Pazy — December 7, 2007 @ 18:49

  3. I’m sure there are. ;-)

    Comment by Nem W Schlecht — December 7, 2007 @ 19:26

  4. On the one hand, this keyboard has a niche: an application that you’d like to protect from casual hackers, but it’s not worth putting real security on because the information is practically worthless to anyone else.

    On the other hand, that’s not where it will be used. Someone will put it on the CEO’s desktop and tell him that his wireless is now encrypted. Meanwhile, his secretary is now sniffing his keystrokes, filtering all the emails to his mistress, and forwarding them to his wife.

    There are plenty of listeners, I know a half-dozen of them myself.

    Comment by kevin.pisarsky — December 16, 2007 @ 10:16

  5. I almost feel like gifting this keyboard to people I dont like :P

    Comment by Pazy — December 16, 2007 @ 20:26

  6. Ha! I agree, Pazy! A nice present for the holidays – for the person you DON’T like.

    Comment by Nem W Schlecht — December 17, 2007 @ 01:58

RSS feed for comments on this post.

Leave a comment

You must be logged in to post a comment.

26 queries. 0.235 seconds.