Today I like to reflect a news, that has been widely spread through websites: A guy has created an aduino based sniffer for microsoft wireless keyboard that can log keystrokes. The solution was called KeySweeper. Here a few words about the situation, after the “dust has settled”.
The message, that has spread this week
Wireless keyboards transmits keystrokes to a receiver – and this signals may be logged via a second RF receiver. A guy created an aduino based sniffer, to log keystrokes from Microsoft’s wireless keyboards. Details are documented within this blog article and @SamyKamkar has postet this tweet.
(KeySweeper, Source: samy.pl)
To sum it up, the message was: A small device, looks like an USB charger, can be used to sniff wireless keyboards from Microsoft, because they use a non-encrypted transmission.
… but the truth is?
After the “words has been spread over the web”, Microsoft has posted a statement, published by arstechnica.com here:
Keyboards from multiple manufacturers are affected by this device. Where Microsoft keyboards are concerned, customers using our Bluetooth-enabled keyboards are protected from this type of attack. In addition, users of our 2.4GHz wireless keyboard designs from July 2011 onwards are also protected because these keyboards use Advance Encryption Standard (AES) technology.
In brief: Yes, there has been a vulnerability to snipp un-ecoded keyboard data. But this is not restricted to Microsoft products. But the main topic: wireless keyboards from Microsoft, produced after July 2011, are using AES encryption. So KeySweeper is useless and won’t work (a fact, that hasn’t mentioned in many articles). And other vendors does the same. This Logitech document from 2009 talks about wireless keyboard encryption too. Here is another interesting article about that topic.