Re: wireless keyboard encryption
On 21/09/2007, Nate Duehr <firstname.lastname@example.org> wrote:
> On Sep 20, 2007, at 11:51 AM, Chris Purves wrote:
> > On 20/09/2007, Gabriel Parrondo <email@example.com> wrote:
> >> El jue, 20-09-2007 a las 10:23 -0600, Chris Purves escribió:
> >>> Is it possible to encrypt my wireless keyboard communication? I
> >>> have
> >>> a Logitech EX110. The included Windows software has this
> >>> feature, but
> >>> of course no linux drivers.
> >> Rare... how is it connected? Usually this kind of devices are
> >> hardware-only and transparently work as a standard device for the OS.
> > The Logitech webpage is
> > http://www.logitech.com/index.cfm/keyboards/keyboard_mice_combos/
> > devices/154&cl=ca,en#
> > The normal operation does work transparently. There is a receiver
> > that plugs into the ps/2 ports. Establishing initial connection is
> > through connect buttons on the receiver and keyboard and mouse.
> > I ran the included SetPoint software in Windows and it had an option
> > for enabling encryption between the keyboard and receiver. Perhaps,
> > once it is enabled, it will continue to be encrypted when I boot into
> > Debian. I don't know if the software turns on a switch in the
> > hardware, or if it runs some driver that must be running in order to
> > get encryption.
> I've also seen this "enable encryption" option on my wireless
> keyboard at home.
> I think the more important question for the original poster is really
> -- how far away do you think your keyboard can be reliably received
> (just walk away from the computer and see where you can go... type
> things into a text editor like, "Now I'm on the stairs", "Now I'm in
> the kitchen", "Now I'm on the back porch", and then walk back and see
> what's on the screen.
Yes, that was a good suggestion. The limit seems to be about 8 feet
in open air (with new batteries), so going through a wall would likely
kill the signal.
> Then do a sane risk-analysis. If I can only reliably use it at X
> distance, how often will someone I don't trust be able to put a
> receiver capable of both receiving the data in whatever format it's
> in? (Keeping in mind that the protocol used for the keyboard usually
> not well-documented, so it'd take some skill and knowledge to
> intercept it, or you'd have to disassemble a similar RF unit and
> reverse engineer a way to make it into a data-logger.) A good
> exercise might be in TRYING to intercept your own keystrokes, and
> seeing how difficult it is for YOU to do it. If it's a pain in the
> ass for you, then evaluate whether or not you're doing something so
> bad or have such a need for privacy that you can name anyone or any
> organization that would go to that effort to read your typing.
> If you can think of someone/something who'd want that data bad enough
> to get close enough, and do the work of figuring out how to capture
> it -- wireless keyboards probably weren't a good idea for you in the
> first place.
That's not my situation. Considering the short range of the keyboard
and the difficulty involved in intercepting, the risk is very small.
> Security is as much about realistic risk-analysis as it is about
> "encryption for encryption's sake". I'm not saying you shouldn't TRY
> to encrypt your keyboard traffic if the keyboard has the feature --
> but at some point there's a steep diminshing return on "security".
> Another thing to look at... are there easier ways you'd leak whatever
> it is that you're typing on your keyboard that someone smart would go
> after before trying to snoop your keyboard? Could it be gathered any
> other electronic/technical way? Could you fall for a social
> engineering "hack" easier and GIVE away what you're doing on that
> keyboard to someone you "thought you could trust"? I bet there are
> ways that would have a much lower opportunity-cost lost to the
> attacker than trying to get your keystrokes from your wireless keyboard.
> If you're using a wireless keyboard out in public... that's a
> completely different story. Again, wireless may not be the correct
> technical solution for you.. :-)
Thanks for your feedback, Nate.
Take care, eh.