dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
6988

DFWDraco76
Premium Member
join:2001-02-21
Dallas, TX

1 edit

DFWDraco76

Premium Member

Wireless Keyboard/Mouse - Security Threat?

We have a couple users that want to use a wireless keyboard and/or mouse... I'm trying to research the security threat this poses, if any at all. We're located in a 50+ story building in downtown Dallas, if that matters.

Any thoughts? Links? I'm Googling at the same time I'm posting here... (I also searched this forum but didn't find anything)

TIA!

markusjansson
@195.165.x.x

markusjansson

Anon

Depends whether they use RF or IR. Usually they all use RF so yes, it is serious security risk when it comes to keyboards atleast. Some keyboards claim to have some sort of encryption to prevent snooping but honestly I dont believe its any good.

So my suggestion is, that either make sure they use IR or otherwise ban them for using wireless keyboards. Wireless mouse is not that bad security risk but hopefully they use IR for it.

Marilla9
I Am My Own Arbiter
Premium Member
join:2002-12-06
Belpre, OH

Marilla9 to DFWDraco76

Premium Member

to DFWDraco76
My personal opinion is that the security threat of wireless RF keyboards/mouses can be overblown a little bit, and sometimes is represented as a bit too universal.

What I mean is, while it's trivial to intercept the signals if you are within range, that last bit is important; if it's in range.

In most commercial buildings, there's NO WAY that signal will traverse building storeys, for example. In most cases, it's not going to traverse office walls, either.

However, in close-quarters cubicles, it could be an issue, if it's possible someone in a nearby cubicle could use some sort of listening device to capture the transmission. Depending on your specific setup, however, that might simply not be an issue for you.

Generally speaking, though, it's probably a good idea to avoid something like this is a medium- or high-security environment.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

my logitech has a unobstructed range of about 35 feet one step beyond that and you can no longer type. So i would say theres no real security risk. Any place where it would be a risk prob has a feraday cage any how (something as simple as wire mess in the walls will stop radio signals dead heheh)

djtim21
It's all good
Premium Member
join:2003-12-22
Lake Villa, IL

1 edit

djtim21

Premium Member

I would say - Yes there could be a security threat with the wireless keyboard. But the mouse - no threat there, unless someone can control the mouse from a 35 foot distance - and then they gotta read the screen at that distance.

Honestly - why would someone in an office building require a wireless mouse/keyboard. If it's cause the cords look "tacky" then tell them to go take a flying leap off that building.

If it's a distance issue - there are cheap extensions that you can purchase ($10 bucks compared to $100 for the keyboard and mouse)

SO - IMHO I would just say - NO - just like what I tell my bosses if they want wireless LAN - they don't need to take the laptop to the bathroom

Edit: Grammar

steelgaze
Premium Member
join:2002-02-01
San Francisco, CA

steelgaze to DFWDraco76

Premium Member

to DFWDraco76
I agree with the mouse not being that much of a problem. The most I can see if someone playing a joke on you and moving the mouse around .. isn't that much harm mostly because they need to be able to see the monitor too.

The bigger concern should be over the keyboard. You should test to see how wide of a range it broadcasts, and yea I think those security features to encrypt the signal isn't much use. What someone can do is pick up the signals and it'd be like they have a keylogger installed on the computer. Wired is much safer and secure for businesses.
Daemon
Premium Member
join:2003-06-29
Washington, DC

Daemon

Premium Member

Keep in mind that RF signals sometime do magical things.

I read a story a few years ago when wireless RF keyboard were new. Someone had a house setup such that the entire house acted as an antenna/amp for his keyboard, causing him to control all of the computers that also had wireless keyboards in the area.

However, don't keyboards use security scramblers like cordless phones do to prevent simple eavesdropping? (And crosstalk)

Rattler
join:2001-04-13
Havertown, PA

Rattler to DFWDraco76

Member

to DFWDraco76
Heh!!

My Logitech wireless KB craps out at about 6', "line-of-sight" between the KB & receiver. Unless someone could "bug" my installation with a listener, within 6' of me, they'd have a tough time recording my keystrokes.

Frankly, I wish I could extend the KB's range to about 10'-12' reliably, so I wouldn't have to "gyrate" around to find the "sweet" spot.

BIGMIKE
Q
Premium Member
join:2002-06-07
Gainesville, FL

2 edits

BIGMIKE to DFWDraco76

Premium Member

to DFWDraco76
check wis the DOD, Security: Wireless Hacking Techniques

»Security: Wireless Hacking Techniques

TIP: ON SEARCH TRY HACKING Wireless Hacking Techniques

OR CRACK

»www.google.com/search?so ··· chniques

How stuff works
»www.howstuffworks.com/ga ··· t519.htm

Kaeliri
join:2003-09-27
Portland, OR

Kaeliri to DFWDraco76

Member

to DFWDraco76
Bluetooth keyboards might be an adequate solution. While the encryption and keying scheme in Bluetooth isn't anything particularly stellar, I do think that when properly implemented it can offer enough security for use with wireless keyboards.

Cordless mice, on the other hand, aren't a security risk regardless of the technology used IMHO.

jansson_mark
Markus Jansson
Premium Member
join:2001-08-05
Finland

1 edit

jansson_mark

Premium Member

said by Kaeliri:
Bluetooth keyboards might be an adequate solution.
About Bluetooth security
»ntrg.cs.tcd.ie/undergrad ··· ity.html

Kaeliri
join:2003-09-27
Portland, OR

Kaeliri

Member

said by jansson_mark:
said by Kaeliri:
Bluetooth keyboards might be an adequate solution.
About Bluetooth security
»ntrg.cs.tcd.ie/undergrad ··· ity.html

A nice article. With a cursory glance it seems to summarize things fairly well, albeit with a few inaccuracies; Bluetooth keying scheme can use 128bit keys and SAFER+ scheme.

Another article here, BTW:
»www.niksula.cs.hut.fi/~j ··· sec.html

A more in-depth analysis here.
An analysis of E0 stream cipher here.
And an attack on the keying scheme here.

Bluetooth has weaknesses, but it's generally not considered a wholly insecure protocol. IMHO it's weaknesses arise largely from the scope of it's intended use, and the associated difficulties in negotiating links with numerous Bluetooth devices in an ad-hoc environment. Which is wildly simplifying things..

That said, I do think that it's a concerted effort to bring about more secure wireless links. I also maintain that if properly implemented, it's good enough for wireless keyboards in a low-threat environment.

shamrin
join:2001-01-08
Lexington, KY

shamrin to DFWDraco76

Member

to DFWDraco76
Get a grip here guys. How can anyone assess the risk without knowing what the company's business is and what the users are doing? I mean really, what are you afraid of here? A competitor is going guess you're using a wireless keyboard, rent the office below your users, crack the "weak" encryption code and capture the text that your users are entering into their email. Please. If you're a branch office of the DOD or in charge of the secret formula for Coca-Cola don't do it. If it's some poor slob in marketing who just wants to whirl around in his chair while he talks on his speaker phone, give him a break and let him have his wireless keyboard, nobody really gives a damn what he says in his emails.

I know, it was a just a technical question, anyway, my $0.02.

sch

JHB
join:2002-02-08
California

JHB to DFWDraco76

Member

to DFWDraco76
Wireless Keyboard/Mouse - Security Threat?
Wow! The security forum has hit an all time low with that one.:)