“We were stunned. We had no expectation that in 2016, these companies would be selling keyboards with no encryption”
Bastille's Chief Research Officer Ivan O'Sullivan commenting on the weak encryption in Bluetooth keyboards
It's August 2015, dear hackers. Time for the brethren to gather at the DefCon Conference and Black Hat Security Conference in Las Vegas, Nevada to reveal their security flaws to make you scared to fsociety, Mr. Robot style!
Personally, the knowledge that you can capture data by tapping into wireless keyboards is the most frightening to me, as revealed in the article “Hackers could sniff out your passwords if you're typing nearby”, published July 26, 2016 by Laura Hautala, CNET News.
The hack, developed by researchers at cyber security firm Bastille Networks, uses a device called a keysniffer that can detect or “sniff” keystrokes in a manner similar to a keylogger, as explained in my blog article entitled “Professor Marco Gercke warns of Scammers using Keyloggers and How to use Keyloggers and Protect yourself”.
The device, which listens in on the unencrypted transmission of your keyboard, affects nearly every possible model and make of wireless keyboard as listed on Bastille's website, many of which use Bluetooth:
1. HP
2. Toshiba
3. General Electric
4. Kensington
5. Radio Shack
6. Anker
7. EagleTec
8. Best Buy's Insignia
See the full list in the graphic below and read the Mousejack Technical Details and Keysniffer Technical Details:
The hacker would have to be within 76.2 m (250 ft) of you for this hack to work, as Bluetooth signals degrade the farther away you are.
But a really smart hacker can have this US$12 keysniffer device in the room transmitting keystrokes over the air via Wi-Fi or even a special radio channel to the hacker miles away, as pointed out in the article “Radio Hack Steals Keystrokes from Millions of Wireless Keyboards”, published 26 July 2016 by Andy Greenberg, Wired.
So how bad is this hack?
US$12 keysniffer device – Security based on ignorance
It's bad, really bad!
Most of the keyboards represented in the list, potentially billions of them around the world, use MOSART Semiconductor and other non-Bluetooth chipsets that have weak encryption compared to standard Bluetooth.
This made it easy for the Bastille Networks Researcher Marc Newlin to reverse-engineer a US$12 Geeetech Crazyradio Bluetooth dongle to interpret the obscure keyboard protocols that constituted the unencrypted radio transmission between the wireless keyboard and the computer.
Surprisingly, there are no guidelines for encryption for these devices, as noted by Bastille Networks Researcher Marc Newlin, quote: “There were no specifications. The only reason these devices had been operating under the radar is because no one had taken the time to reverse engineer them”.
So basically keyboard makers, thinking that hackers would never think of going after wireless keyboards, were practicing security based on ignorance; if nobody knows, then it’s safe. Not a good idea, really!
keysniffer and MouseJack Hack – More reason to buy Standard Bluetooth Mice and Keyboard
Interestingly, this hack is a lot like MouseJack hack that Bastille Networks researcher.
This was revealed by Bastille Networks using the same US$12 Geeetech Crazyradio Bluetooth dongle, which also allowed them to eavesdrop on mouse keystrokes, as noted in the article “Flaws in Wireless Mice and Keyboards Let Hackers Type on Your PC”, published February 23 2016 by Andy Greenberg, Wired.
In the case of MouseJack, the researcher took advantage of flaws in Norwegian firm Nordic Semiconductor's chips that again had less-than-stellar encryption compared to standard Bluetooth chipsets. Also, both the keysniffer and the MouseJack hack allow the user to take control of the computer remotely, albeit the hacker would have to be able to see the screen.
Both these hacks leave billions of wireless keyboards and mice vulnerable to a hacker gifted enough to set up both a hidden wireless mini-camera to watch you and a radio-connected version of the US$12 Geeetech Crazyradio Bluetooth dongle to intercept and remotely transmit your signals to a remote location many miles away.
Throw in the University of California's technique to determine a 3D printer's prints based on the sound it makes, as described in my blog article entitled “University of California 3D printers espionage reveals how Sound Photography coming to smartwatches and smartphones”, and your hacker could know everything you typed, spoke and printed while around your computer, even if it is isolated from the Internet.
Your best defense?
I personally recommend the use of standard Bluetooth chipsets such as the Apple Magic Mouse 2, Keyboard 2 and Trackpad 2 as described in my MICO Wars blog entitled “Why the Apple Magic Mouse 2, Keyboard 2 and Trackpad 2 enhances the Apple iPad Pro” and other Bluetooth keyboards and mice that have the encryption option enabled.
Stopping the use of wireless mice and keyboards altogether would keep you even safer!
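To act on that advice you first need to know which input devices on a machine are standard Bluetooth and which sit behind a USB radio receiver. The script below is an added example, not code from Bastille or from the articles cited: it parses a Linux /proc/bus/input/devices listing and sorts devices by bus type. The sample listing, device names and IDs are constructed, and the name pattern for spotting a radio receiver is a heuristic assumption.

```python
import re

# Bus type codes used by the Linux input subsystem (linux/input.h).
BUS_USB, BUS_BLUETOOTH = 0x03, 0x05
# Heuristic name hints for a USB radio receiver (an assumption, not a vendor list).
RF_HINT = re.compile(r"wireless|receiver|2\.4\s*g|dongle", re.I)

# Constructed sample in /proc/bus/input/devices format; names and IDs are made up.
SAMPLE = """\
I: Bus=0003 Vendor=1111 Product=0001 Version=0111
N: Name="Example 2.4G Wireless Receiver"
H: Handlers=sysrq kbd event3 leds

I: Bus=0005 Vendor=2222 Product=0002 Version=0001
N: Name="Example Bluetooth Keyboard"
H: Handlers=sysrq kbd event7 leds

I: Bus=0003 Vendor=3333 Product=0003 Version=0110
N: Name="Example USB Keyboard"
H: Handlers=sysrq kbd event2 leds

I: Bus=0003 Vendor=1111 Product=0004 Version=0111
N: Name="Example Wireless Mouse Receiver"
H: Handlers=mouse0 event4
"""

def parse_devices(text):
    """Return one {'bus', 'name'} dict per blank-line-separated device block."""
    devices = []
    for block in re.split(r"\n\s*\n", text.strip()):
        bus = re.search(r"^I:.*\bBus=([0-9a-fA-F]{4})", block, re.M)
        name = re.search(r'^N: Name="(.*)"', block, re.M)
        if bus and name:
            devices.append({"bus": int(bus.group(1), 16), "name": name.group(1)})
    return devices

def classify(dev):
    if dev["bus"] == BUS_BLUETOOTH:
        return "bluetooth"
    if dev["bus"] == BUS_USB and RF_HINT.search(dev["name"]):
        return "usb-rf-receiver"  # check the model against Bastille's lists
    return "other"                # wired USB, built-in keyboard, etc.

def audit(text):
    # Keyboards and mice are both reported: MouseJack concerns mouse receivers too.
    return [(d["name"], classify(d)) for d in parse_devices(text)]

if __name__ == "__main__":
    for name, verdict in audit(SAMPLE):
        print(f"{verdict:16} {name}")
```

On a real Linux machine, pass the contents of /proc/bus/input/devices to audit() instead of SAMPLE, then look up any "usb-rf-receiver" entry by model on Bastille's affected-device lists.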