QWERTYjacking: Wireless Keyboards Easily Cracked
I don't know why no one thought of this before: Wireless keyboards, mice, and other input devices are vulnerable to hacking. Specifically, the encryption system they use is extremely weak and can be easily decrypted. An attacker needs to eavesdrop on as few as 20 keystrokes to record everything you're typing. To coin a phrase, I'm calling it QWERTYjacking.
The hack was initially revealed a few months ago, but it's since been refined to open additional hardware products, including some of Microsoft's popular Optical Desktop keyboards.
In simplified technical terms, the encryption on such keyboards relies on a simple logical operation that combines each character you type with a random byte agreed upon between the keyboard and the base station. But since there are only 256 possible bytes, using a simple dictionary attack a computer can determine the correct encryption key in a matter of seconds. (If the eavesdropper sniffs the "handshake" where the key is determined, the encryption can be broken immediately.)
In practical terms, it may seem like this is a farfetched hack, but a keylogger need not be large or complex to work. A recent demo shows a prototype of a system sniffing the data being typed on three different keyboards simultaneously. Ultimately, the danger here is not much worse than someone using a software or hardware keylogger (or even a guy merely peeking over your shoulder), but for people in heavily sensitive environments, it's a good lesson to learn: Wireless technologies are all inherently insecure, even those you might take for granted.
LINK: Wireless keyboards easily cracked