KeySniffer Flaw Exposes Wireless Keyboard Typing

Users of non-Bluetooth wireless keyboards are being warned of a potentially serious vulnerability that could allow their typing to be intercepted.

Bastille Networks tested a number of wireless keyboards from vendors including HP, Radio Shack and Toshiba, and found the flaw that it has called KeySniffer.

The problem stems from the fact that a wide range of these wireless keyboards use unencrypted radio communications that can be easily intercepted by a cheap USB radio antenna costing less than $100 (£76).

KeySniffer Flaw

The researchers were able to intercept user keystrokes and reportedly they could even control the wireless keyboard and insert their own keystrokes. The potential security risk this presents is obvious.

“KeySniffer is a set of security vulnerabilities affecting non-Bluetooth wireless keyboards from eight vendors,” said the firm. “The wireless keyboards susceptible to KeySniffer use unencrypted radio communication, enabling an attacker up to several hundred feet away to eavesdrop and record all the keystrokes typed by the victim.”

“This means an attacker can see personal and private data such as credit card numbers, usernames, passwords, security question answers and other sensitive or private information all in clear text. The equipment needed to do the attack costs less than $100 putting it in reach of many teenage hackers.”

Even worse, only two keyboard makers, Kensington and General Electric, bothered to issue an response to the discovery of the vulnerability.

Bastille’s list of the affected keyboard models that were tested can be found here. The firm told the BBC that Logitech, Dell and Lenovo used higher-end chips in their wireless keyboards that had stronger security.

Hard Wire

The advice therefore for wireless keyboard users is to consider swooping their wireless keyboard for a Bluetooth-enabled device (which encrypts data over the air), or alternatively utilise a traditional hard-wired keyboard.

It should be noted that wireless keyboards are not the only wireless device whose security has been called into question of late.

Last year Trend Micro in partnership with First Base Technologies criticised the security of popular smartwatches.

A previous study by HP Security also found that many smartwatches carry major security flaws, thanks to their increasing connectivity.

Think you know all about cybersecurity? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Google Warns Of Italian Spyware On Apple, Android Phones

Italian company's hacking tools have been used to spy on Apple, Android smartphones in Italy…

3 days ago

Intel Signals Delay To Ohio Factory Over US Chips Act Dispute

Chip maker warns new factory in Columbus, Ohio could be delayed or scaled back, over…

3 days ago

Silicon UK In Focus Podcast: Sustainable Business

How do sustainable businesses use technology to innovate? And as businesses want to connect sustainability…

3 days ago

Australia Fines Samsung Over Water-Resistance Claims

Samsung rapped over the knuckles by Australian regulator because of 'misleading' Galaxy smartphone water-resistance claims…

3 days ago

Amazon Reveals Alexa Option To Mimic Any Person’s Voice

Bereavement aid for those in mourning? Amazon's Alexa voice assistant could be programmed to sound…

3 days ago