As Cold War tensions increased throughout the 1970s, the Soviets pulled out all the stops when it came to digging up information from US diplomats. This NSA memo from 2012 explains how several IBM Selectric typewriters used in the Moscow and Leningrad offices were successfully bugged with electromechanical devices that could possibly have been the world’s first keyloggers.
The Selectric prints with a ball that is spun and tilted to select the desired character. Two mechanical arms control the ball’s spin and tilt, and the keylogger read out the position of those arms. Thus, each character on the Selectric’s type element ball has its own signature. The sensing part of the keylogging mechanism was buried in part of the typewriter chassis, a metal bar that spans the width of the machine, and were so well hidden that they could only have been detected by complete dissassembly or x-ray.
Continue reading “Retrotechtacular: Cold War-Era Hardware Keyloggers”
Do you need to keep tabs on the kids while they browse the Internet? How about your husband/wife – do you suspect they are dabbling in extra-curriculars on the side? Hey, you’ve got your
insecurities reasons, we won’t judge. We will however, show you what [Jerry] over at Keelog has been working on lately.
While the company sells hardware keylogger kits online, [Jerry] has relied on, and understands the importance of open source. Since we all benefit from things being open, he is giving away all of the details for one of his most recent projects, a wireless keylogger. The keylogger plugs in to a PC’s PS/2 port, and wirelessly sends data to a nearby USB dongle up to 20 yards away, all in real-time.
A detailed parts list is provided, as are schematics, PCB masks, firmware, and assembly instructions. However, if you prefer the easier route, you can always buy the completed product or a DIY kit.
This isn’t the first open source keylogger he has released, so be sure to check out his previous work if you prefer a wired keylogging solution.
This very informative talk given at Shmoocon 2011 has been posted over at IronGeek. Covering all kinds of angles that a person could attack someones computer through the USB port, this should be read by anyone who is security minded at all. No matter which side of the port you tend to be on, this article has great information. They cover some common attack methods such as keyloggers and fake keyboards as well as some common methods of securing your system against them. We’ve actually seen this in the news a bit lately as people have been using the keyboard emulation method in conjunction with android phones to hack into systems.
The 2009 edition of the Black Hat security conference in Las Vegas has just begun. The first interesting talk we saw was [Andrea Barisani] and [Daniele Bianco]’s Sniff Keystrokes With Lasers/Voltmeters. They presented two methods for Tempest style eavesdropping of keyboards.
Continue reading “Black Hat 2009: Powerline and optical keysniffing”
Hardware Keylogger solutions has released the plans and files for their wireless logger. It has a range of about 50 yard between the transmitting dongle and the receiver. It is based around an Atmel AT91SAM7S64 and the PCB is pretty tiny. In case you hadn’t noticed yet, they sell them as well. The cool thing about this is that key data is transmitted in real time, allowing you to see it as it happens instead of having to go retreive the log physically like you used to.
[Kyle McDonald] sent in his latest project, a software keylogger that twitters what you type. He wrote it using C++ and OpenFrameworks. It logs each keystroke, then it posts to twitter 140 characters at a time. To protect himself, he set up a whitelist of private strings like passwords and credit card numbers that would be stripped before posting. If the twypewriter followed him, his keystrokes could be recreated.
Researchers from Inverse Path showed a couple interesting techniques for sniffing keystrokes at CanSecWest. For their first experiments they used a laser pointed at the shiny back of a laptop. The keystrokes would cause the laptop to vibrate which they could detect just like they would with any laser listening device. They’ve done it successfully from anywhere between 50 to 100 feet away. They used techniques similar to those in speech recognition to determine what sentences were being typed.
In a different attack, they sniffed characters from a PS/2 keyboard by monitoring the ground line in an outlet 50 feet away. They haven’t yet been able to collect more than just single strokes, but expect to get full words and sentences soon. This leakage via power line is discussed in the 1972 Tempest document we posted about earlier. The team said it wasn’t possible with USB or laptop keyboards.