On Sun, Jul 09, 2006 at 07:21:33PM +0200, Peter Philipp wrote:
> On Sun, Jul 09, 2006 at 09:38:21AM -0700, Darrin Chandler wrote:
> > Well, it's very hard to say that someone isn't trying to bug his
> > keyboard. It might be a valid concern. However, if someone *is* then you
> > have to look at all the other possibilities as well. A small audio bug
> > can be enough to pick up key clicks, and some interesting work has been
> > done in reconstructing input based on inter-key timing. The better
> > typist you are, the better it works. That's one small example. What
> >
> Would mixing keyboard noises at random into your music / external speaker
> at random be a useful countermeasure against that?

[1] Probably not. A good sound/electronics engineer will figure out which
signal is real and which isn't. (Given that we speak about
three-letter-agencies with a nearly unlimited budget here)

Typing with one finger (and the use of backspace) will make it much more
difficult.

Encrypting data from the keyboard is also not a real option, because you
need a shared secret (or something like hostkeys, how do you know that the
usb sniffer can't do MITM attacks?). The keyboard needs to be pretty
"intelligent" to do that.

Rewiring the keys..., you get something like a rot13 encryption, anybody
can figure that out. Your typing behaviour can be logged for a long time
and compared against tables of the most often used letters/words in your
language... ;)

Anyway, the electromagnetic radiation(?) is probably so high that nobody
bothers with usb sniffers. I know it was possible to see a good image of a
crt at a distance of about 25m by just amplifying the signal back in '96
(I was interested in building mini-bugs and have a few books about the
technology available at that time). It should be possible to sniff the
'clicks' from a car parked on the street today.

The only practical solution I can see is using a laptop with good
shielding and building a grounded copper case around it. Make sure that
there is no HF going out on any cables, no external devices etc. To
measure that the stuff really works, you may need an oscilloscope...

I think the best is not to rely on encryption of hardware at all and
consider everything 'bugged'. The only 'secure' thing is ram and the cpu.
Don't have a firewire port in your computer, it allows access to any
memory location [2].

Tinfoil hat linux [3] is worth a look. (There are more interesting links
on that page)

Still paranoid? ;)

> [snip]

Tobias

[1] http://64.233.183.104/search?q=cache:JcI2ggxM8OEJ:www.rootsecure.net/content/downloads/pdf/ssh_timing_attack.pdf
[2] http://64.233.183.104/search?q=cache:YZy7R1pb6bUJ:pacsec.jp/psj04/psj04-dornseif-e.ppt
[3] http://tinfoilhat.shmoo.com/
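
An added illustration, not part of the original message: why rewiring the keys gives no protection against a logger on the cable. A fixed remap leaves the letter-frequency profile of the logged stream unchanged, and one common-word assumption already yields correct letters. The sample text, the seed and all function names are constructed for this example.

```python
import random
import string
from collections import Counter

# Constructed sample of what the user intended to type.
TYPED = ("the sniffer sits on the cable between the keyboard and the computer "
         "and records every key that the user presses so the log grows for "
         "weeks until the owner collects it")

def rewire(seed):
    """Hypothetical rewired keyboard: a fixed typed-letter -> sent-letter map."""
    letters = list(string.ascii_lowercase)
    shuffled = letters[:]
    random.Random(seed).shuffle(shuffled)
    return dict(zip(letters, shuffled))

def capture(text, wiring):
    """What a sniffer logs: remapped letters, the space bar left as it is."""
    return "".join(wiring.get(c, c) for c in text)

def profile(text):
    """Letter counts sorted high to low, ignoring which letter is which."""
    return sorted(Counter(c for c in text if c.isalpha()).values(), reverse=True)

def index_of_coincidence(text):
    """Chance that two random letters of the text match (about 1/26 if uniform)."""
    counts = Counter(c for c in text if c.isalpha())
    n = sum(counts.values())
    return sum(k * (k - 1) for k in counts.values()) / (n * (n - 1))

def guess_the(log):
    """Assume the most frequent three-letter word in the log is 'the'."""
    three = Counter(w for w in log.split() if len(w) == 3)
    top = three.most_common(1)[0][0]
    return dict(zip(top, "the"))  # logged letter -> typed letter

if __name__ == "__main__":
    wiring = rewire(2006)
    log = capture(TYPED, wiring)
    print(log)
    print("IC typed/logged:", index_of_coincidence(TYPED), index_of_coincidence(log))
    print("recovered from one word:", guess_the(log))
```
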

