Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.
A Swiss company called Dreamlab Technologies has published a white paper describing in general terms how it was able to intercept the stream of keystrokes transmitted by two models of Microsoft 27MHz wireless keyboards.
To quote the summary, "After of analyzing wireless keyboard communication, Dreamlab is able to understand their functionalities, eavesdrop their traffic, crack the encryption key and decrypt the data into clear text keystrokes. The keystokes from any analyzed keyboard within the radio receiver's range can be sniffed at the same time."
It seems that the encryption applied to the data transmitted by the keyboard is so minimal that it hardly deserves the term. Each keystroke is XORed with a random byte generated when the keyboard and receiver are associated.
It's tempting to suggest this scheme could be cracked with pencil and paper once the data stream has been captured.
"Using simple wordlist checking in combination with a weightening algorythm [sic], every data in range can be decrypted within only a few keystrokes," wrote researchers Max Moser and Philipp Schrödel.
Dreamlab was able to construct a system to capture, decode and log streams of keystrokes from multiple wireless keyboards at once - a super wireless keylogger, if you like.
While Moser and Schrödel have provided a service by revealing just how insecure wireless keyboards, it's not that it's a new issue. Quite soon after wireless keyboards took off, users began to notice that one computer might start receiving keystrokes for another when both devices happened to pick the same code. Later models increased the number of device codes used in order to make such collisions less likely even in densely-packed offices.
That's not the same as deliberate eavesdropping, but it was a clear indication that wireless keyboards were not to be trusted - especially in an apartment block or multi-tenanted office building.
David Bass
| For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.
