Security Vulnerabilities in Wireless Keyboards
Most of them are unencrypted, which makes them vulnerable to all sorts of attacks:
On Tuesday Bastille’s research team revealed a new set of wireless keyboard attacks they’re calling Keysniffer. The technique, which they’re planning to detail at the Defcon hacker conference in two weeks, allows any hacker with a $12 radio device to intercept the connection between any of eight wireless keyboards and a computer from 250 feet away. What’s more, it gives the hacker the ability to both type keystrokes on the victim machine and silently record the target’s typing.
This is a continuation of their previous work
Bill Stewart • August 1, 2016 6:54 PM
I’ve been really annoyed that all of the low-cost wireless mice and full-sized keyboards use some proprietary radio link instead of Bluetooth. (Yes, I realize Bluetooth charges for a license, but that should be well under $5, and the difference in keyboard prices seems to be $30-50, while I’ve got Bluetooth tablet-sized keyboards that cost about $25-30.)
It’s not like Bluetooth is amazing computer security or performance, but at least it’s something, and more importantly for me, it doesn’t require an additional dongle to plug and unplug, which is a minor annoyance for my laptop and a lot more annoyance for the Raspberry Pi B that I’ve got. (And yeah, upgrading to the RPi3 which has more USB ports is only marginally more expensive than getting a powered USB hub.)