Microsoft Wireless Keyboards Hacked, Now Insecure.
Security researchers unveiled a $100 hardware & software package capable of reading traffic from the wireless data stream generated by Nordic Semiconductor chipset devices. This chipset is used by Microsoft’s wireless keyboards and they are now believed to be vulnerable to attack.
No need to go inside a building to plant an old fashioned keylogger, just point a yagi antenna at the building you’re interested in. If our own experience with low-power Bluetooth devices is anything to go by, then you could easily be reading keystrokes from several hundred metres away with the right directional antenna.
It’s thought that Logitech keyboards are safe for now as they use AES encryption. The Microsoft keyboards use a simpler XOR encryption scheme. You should also be wary of those cheap £20 wireless keyboard and mouse packs too.
The project has been christened ‘Keykeriki’, apparently it’s German for ‘Cock-a-Doodle-Do’.
There’s talk of a software version for owners of the USRP. Otherwise circuit diagrams and download firmware are available from the links below.
http://www.remote-exploit.org/?page_id=187
http://www.theregister.co.uk/2010/03/26/open_source_wireless_sniffer/
http://www.remote-exploit.org/
https://www.dreamlab.net/files/press/Dreamlab-Technologies_Pressrelease_Wireless-Keyboard_en.pdf