Sniffing Keystrokes Via Laser, Power Lines

Researchers from Inverse Path showed a couple of interesting techniques for sniffing keystrokes at CanSecWest. For their first experiments they pointed a laser at the shiny back of a laptop. Keystrokes cause the laptop to vibrate, and those vibrations can be detected just as with any laser listening device. They’ve done it successfully from 50 to 100 feet away. They used techniques similar to those in speech recognition to determine what sentences were being typed.

In a different attack, they sniffed characters from a PS/2 keyboard by monitoring the ground line in an outlet 50 feet away. They haven’t yet been able to collect more than just single strokes, but expect to get full words and sentences soon. This leakage via power line is discussed in the 1972 Tempest document we posted about earlier. The team said it wasn’t possible with USB or laptop keyboards.

[Thanks Jeramy]

26 thoughts on “Sniffing Keystrokes Via Laser, Power Lines”

  1. I recently discovered that you could pick up the scancodes on a PS/2 keyboard quite easily by just holding a fox/hound sensor next to it (such as are used by telecoms technicians for finding lines in a bundle etc)

  2. @dnny:
    I don’t think that keyboards will be replaced by touchscreens in the next couple of years. They still remain the most practical way of typing text; no touchscreen system can compete with them by now.

  3. Dubious but worthy of respect as thinkably possible. Absent a live reproducible by peers demo I won’t go farther in holding it as credible. As for the projected keyboard or touch screens replacing things like button or membrane keyboards anytime soon? All depends on user acceptance more than any other factor. The operative meme to be eternally mindful in tech is a simple one with a few variants. It’s a .Sig for posts in places like this.

    “The first one costs >$1million. Serial #oneMillion costs <$1. And past a certain point selling your tech know-how makes the widget have a negative cost per piece”

  4. just because it’s dubious doesn’t mean it’s not possible. so how do we protect against these attacks?

    1) your laptop – should the back be covered with acoustic damping material? can a reflective shade be set up behind it to avoid laser eavesdropping?

    2) take the power outlet you use with your desktops and run a detached, separate ground straight to earth from the plug, then hope nobody taps into your wall at that point?

    Eh.

    keyboards won’t be replaced with touch screens until the touch screens can be made with flexible, expandable material that gives us tactile feedback identical to that of a keyboard. woot.

  5. none said: “Some government agencies (which will remain nameless), have used fiber-optic cable interconnects between keyboards, mice, and printers to a PC.”

    Oh really, Mr. Fake Spook?

    I started working with computers in 1977, and stay fairly on top of the tech scene.

    So just WHERE is this technology?

    A White Paper would have appeared “somewhere” about this technology.

    And it would have “trickled down” to us regular users, but it’s NOWHERE to be seen.

    Let’s SEE some “proof” to back up your spooky statement.

  6. Uh, don’t mean to be a buzz kill but if you have an uninterruptible power supply, it has filters that filter out the whole electronic noise shenanigans. And your computer shouldn’t be using the ground anyways?!?!! The ground is only if your computer has a short on the case or power supply, and when that happens it’s usually dead…

  7. Not to even mention the computers that have only a 2 wire power cord from the power supply brick to the wall. Or people like me that have multiple series AC filters to the power supply. And unplugging the laptop to run on battery during sensitive work further defangs the ground spike exploit. A Panasonic Toughbook metal case laptop with touchscreen and the silicone keyboard skin being coated with clear conductive coatings could decrease RF sniff range a bit…

  8. I knew there was a good reason to make stealth laptops!

    In all seriousness, some laptops have much better hinges than others. If you switched keyboard layouts I think it would really mess up any processing / acoustic methods, especially if you essentially have to touch type as most key presses will look the same.

  9. If you’re wondering why this hasn’t been shown before, it’s because it’s not even remotely practical even with the best possible software and hardware configuration. You’d get fragments of inconsistent data.

  10. Can someone imagine how this will look: one dude staring at your laptop, focusing a tripod on you, and another dude with a laptop-connected black box focusing lenses at you, staring at your laptop too, and yelling to the other dude to move the tripod a little bit left or right

    and in the end they get some mix of fan, HD and birdsong.. with keystrokes noises

  11. Mister X, Tempest rated equipment is available from many sources. European countries are well aware of the problems of emsec. It’s only the US that ignores the risk outside of classified computer systems.

  13. You guys are so innocent! the N.S.A. and its partners in the other 4 major English-speaking countries (Canada, the U.K., Australia and New Zealand) can hack into your PC through the power outlet and take control of your mouse and keyboard, thereby your entire PC!

  14. I couldn’t even download the keyprowler software (trial version), or rather I wasn’t allowed. What are they afraid of? Microsoft gave them the Source Code for all of its Operating Systems (that’s why Microsoft got off lightly in the anti-trust case with Netscrape). So, no anti-malware program, which depends on the O/S first starting up, is of any use.
