There’s Spies In Them There Keyboards
Researchers say keyboards are not safe to transmit sensitive information after demonstrating a variety of ways to pick up electromagnetic signals from keystrokes
Hackers may be one step ahead of you once again. Sure, you can follow all the steps to protect your private data, like creating a password that’s hard to guess or clearing your memory cache after browsing, but that may not be enough. It’s very possible that hackers can sniff out your data with every keystroke—at least that’s what Swiss researchers proved in a video demonstration, which showed four different ways to pick up sensitive information from people’s keyboards as they typed.
Martin Vuagnoux and Sylvain Pasini from the Security and Cryptography Laboratory at the Swiss Ecole Polytechnique Federale de Lausanne (EPFL) headed the experiment by testing 11 keyboards ranging from ones inbuilt on laptops to those wired to computers through USB or PS/2. They used a large radio antenna to fully or partially recover electromagnetic signals 20 to 30 feet away in an adjacent room—in one case it also worked 65 feet away from the keyboard. The EPFL researchers found that at least one of their four attack methods always worked on every keyboard they attempted to eavesdrop on.
But can hackers steal information through this method given the amount of interference from other digital sources like televisions or other computers in the area? It’s very likely, according to EPFL, which said in a Web posting that they used inexpensive equipment for their experiments and that attacks could undoubtedly be improved with better equipment. A more detailed account of their findings will appear in a forthcoming journal.