Twittering Keylogger

3673642969_378bdec59c

[Kyle McDonald] sent in his latest project, a software keylogger that twitters what you type. He wrote it using C++ and OpenFrameworks. It logs each keystroke, then it posts to twitter 140 characters at a time. To protect himself, he set up a whitelist of private strings like passwords and credit card numbers that would be stripped before posting. If the twypewriter followed him, his keystrokes could be recreated.

[thanks Kyle]

Sniffing Keystrokes Via Laser, Power Lines

keystroke

Researchers from Inverse Path showed a couple interesting techniques for sniffing keystrokes at CanSecWest. For their first experiments they used a laser pointed at the shiny back of a laptop. The keystrokes would cause the laptop to vibrate which they could detect just like they would with any laser listening device. They’ve done it successfully from anywhere between 50 to 100 feet away. They used techniques similar to those in speech recognition to determine what sentences were being typed.

In a different attack, they sniffed characters from a PS/2 keyboard by monitoring the ground line in an outlet 50 feet away. They haven’t yet been able to collect more than just single strokes, but expect to get full words and sentences soon. This leakage via power line is discussed in the 1972 Tempest document we posted about earlier. The team said it wasn’t possible with USB or laptop keyboards.

[Thanks Jeramy]