• Home
• About
• RSS
• Get in touch

Who’s Watching You Type?

While we have known for a while that keyboards were a great place to snoop for information, it now seems that they are more vulnerable than previously expected. Research from Switzerland has shown it is possible to snoop keystrokes from 20m away just by monitoring the slight changes in electromagnetic radiation each time a key is pressed.

Tests were done with a variety of keyboards and all were found to be susceptible to the attack.

As with all research, this just points the way to what is possible and therefore what will become reality out there in cyber-criminal land. And so a new attack vector is born… one where you don’t have to infect the target’s machine with malware, or a piece of additional hardware (one of the easiest ways to install a virtually undetectable keylogger – who looks for additional widgets on their desktop keyboard connectors?!?!)… you just have to get to within 20m, and it doesn’t even have to be direct line of sight – the method works through walls as well.

What to do? Perhaps it is time to start using ‘virtual’ keyboards for username and password input – as standard.

comments

• Connect with us



• Get Email Updates

• Recently Posts

  • Spam is decreasing. Is it the beginning of the end for e-mail?
  • Taming the tablet
  • Free Wifi: Why do we trust it?
  • The true cost of a data breach (Part Two)
  • The true cost of a data breach
  • The Ultimate Combination – Information Protection with Visibility and Audit
  • Gaining Access Control
  • O3 –Control in the cloud
  • Mobile adoption has reached the tipping point, but businesses accept it’s time for a security reality check
  • The internet explodes with gTLDs

• Pages

  • announcements
  • Application
  • Availability
  • backup
  • botnet
  • Cloud computing
  • Complexity
  • Compliance
  • Consumerization
  • cyber-crime
  • data centre
  • data-loss
  • Denial of service
  • disaster recovery
  • Education
  • Green IT
  • impersonation
  • Information Policy
  • Insider
  • IT equipment
  • Miscellaneous
  • misleading applications
  • Patching
  • Phishing
  • Regulation
  • Reputation
  • SaaS
  • security
  • small business
  • Social Media
  • Spam
  • Speaking
  • Storage
  • trojan
  • Uncategorized
  • Virtualization
  • Virus

• Blogroll

  • Ask Marian Consumer Security Blog
  • Bruce Schneier’s Blog
  • Con Mallon’s Symantec Consumer Blog
  • Gareth’s BE Blog
  • Get Safe Online (The Blog)
  • Gizmodo Gadget Blog
  • Jonathan Schwartz’s Blog
  • Phil Windley’s Technometria
  • Security Bloggers Network
  • Symantec French contributor - A blog from the French pen of Laurent Heslault
  • Symantec Guide to Scary Internet Stuff – Botnets
  • Symantec Guide to Scary Internet Stuff – Drive-by downloads - Video explaining the latest security threats in simple terms, on drive-by downloads
  • Symantec Guide to Scary Internet Stuff – No 5 Rogue AV
  • Symantec Guide to Scary Internet Stuff – No 6 Denial of Service Attacks
  • Symantec Guide to Scary Internet Stuff – No7 Pests on your PC
  • Symantec Guide to Scary Internet Stuff – No8 Losing your Data
  • Symantec Guide to Scary Internet Stuff – Phishing
  • Symantec Guide to Scary Internet Stuff – Underground Economy
  • Symantec podcast channel - A channel of podcasts on current security and availability topics from the experts at Symantec
  • Toby Stevens’ Data Trust Blog