A recent whitepaper has been released laying out details of two techniques for keystroke logging that use very unconventional methods. The techniques will be demonstrated at the 2009 Blackhat convention.
Typically, keystroke logging is done by means of software installed on the victim’s PC, or through a small piece of hardware attached to the keyboard’s cable. In this case, access to the computer is not required at all. The first attack involves sniffing slight voltage changes from an AC electrical outlet up to 30 feet away from the victim’s computer. When a key is pressed on the keyboard, a string of binary code is sent to the computer through the USB or PS/2 cable, for instance 1000101 or 110100100. The ground wire in the keyboard cable is unshielded, and it runs into the computer and from there back to the ground wire in the building’s electrical wiring, so the variations, or noise, it generates can be picked up quite easily from a nearby outlet.
Scary, huh? Well, not really, not to me at least. An easy way around this is to get yourself a nice wireless keyboard. Since the wireless keyboard uses infrared light, or Bluetooth, there is no ground cable on the keyboard, and the signal can’t be snooped on in the electrical cabling. Great success. Right?
Unfortunately, as an example, the bottom line with car security systems still holds true to this day. If an auto thief wants your car, they are going to get it. You didn’t hear this from me, but did you know that a LoJack system can be rendered useless with a handful of fairly inexpensive neodymium magnets? A few pieces of aluminum tubing will also do the trick. It’s called science and it works. Distortion and interference can cause the LoJack signal to be rendered useless. I’m not telling you how to, or that you should do this, because inexperienced auto thieves will do it wrong and you will probably be caught. Experienced auto thieves already know this trick. As for me, I’m just familiar with the concept. That’s all.
Back to keystroke logging, though. Let’s say you have the wireless keyboard, or a laptop running on a battery. No connection to the ground wire in the AC system. In this case, the attacker can use a fairly inexpensive laser to measure vibrations on the laptop, keyboard, or even the table top where the keyboard is sitting. Now these vibrations aren’t going to be nearly as easy to decipher as the 1s and 0s being sent out through the electrical wire, so it will be good for preventing the casual hacker from logging your strokes.
It’s like they say. A lock on a door will only keep an honest person out of your room.