------ Forwarded Message > From: "dasg...@aol.com" <dasg...@aol.com> > Date: Mon, 13 Jul 2009 20:03:43 EDT > To: Robert Millegan <ramille...@aol.com> > Cc: <ema...@aol.com>, <j...@aol.com>, <christian.r...@gmail.com> > Subject: Remote Keylogging >
> > > Snooping through the power socket > > > > > > http://news.bbc.co.uk/2/hi/technology/8147534.stm > > Power sockets can be used to eavesdrop on what people type on a computer. > > Security researchers found that poor shielding on some keyboard cables means > useful data can be leaked about each character typed. > > > By analysing the information leaking onto power circuits, the researchers > could see what a target was typing. > > > The attack has been demonstrated to work at a distance of up to 15m, but > refinement may mean it could work over much longer distances. > > > Hotel attack > > > "Our goal is to show that information leaks in the most unexpected ways and > can be retrieved," wrote Andrea Barisani and Daniele Bianco, of security firm > Inverse Path, in a paper describing their work. > > > The research focused on the cables used to connect PS/2 keyboards to desktop > PCs. > > > Usefully, said the pair, the six wires inside a PS/2 cable are typically > "close to each other and poorly shielded". This means that information > travelling along the data wire, when a key is pressed, leaks onto the earth > (ground in the US) wire in the same cable. > > > The earth wire, via the PC's power unit, ultimately connects to the plug in > the power socket, and from there information leaks out onto the circuit > supplying electricity to a room. > > > Even better, said the researchers, data travels along PS/2 cables one bit at > a time and uses a clock speed far lower than any other PC component. Both > these qualities make it easy to pick out voltage changes caused by key > presses. > > > A digital oscilloscope was used to gather data about voltage changes on a > power line and filters were used to remove those caused by anything other > than the keyboard. > > > "The PS/2 signal square wave is preserved with good quality... and can be > decoded back to the original keystroke information," wrote the pair in a > paper describing their work. > > > They demonstrated it working over distances of 1, 5, 10 and 15m from a > target, far enough to suggest it could work in a hotel or office. > > > "The test performed in the laboratory represent a worst case scenario for > this type of measurement, which along with acceptable results emphasizes the > feasibility of the attack on normal conditions," they added. > > > The pair said their research was "work in progress" and expect the equipment > to get more sensitive as it is refined. > > > The attack is due to be demonstrated at the Black Hat conference that takes > place in Las Vegas from 25-30 July. > > > > Looking for love this summer? Find it now on AOL Personals > <http://personals.aol.com/?ncid=emlcntuslove00000003> . > ------ End of Forwarded Message