Arthur T Knackerbracket has found the following story:
Millions of low-cost wireless keyboards are susceptible to a vulnerability that reveals private data to hackers in clear text.
The vulnerability – dubbed KeySniffer – creates a means for hackers to remotely “sniff” all the keystrokes of wireless keyboards from eight manufacturers from distances up to 100 metres away.
“When we purchase a wireless keyboard we reasonably expect that the manufacturer has designed and built security into the core of the product,” said Bastille Research Team member Marc Newlin, responsible for the KeySniffer discovery. “Unfortunately, we tested keyboards from 12 manufacturers and were disappointed to find that eight manufacturers (two thirds) were susceptible to the KeySniffer hack.”
The keyboard manufacturers affected by KeySniffer include: Hewlett-Packard, Toshiba, Kensington, Insignia, Radio Shack, Anker, General Electric, and EagleTec. Vulnerable keyboards are always transmitting, whether or not the user is typing. Consequently, a hacker can scan for vulnerable devices at any time. A complete list of affected devices can be found here.
Wireless keyboards have been the focus of security concerns before. In 2010, the KeyKeriki team exposed weak XOR encryption in certain Microsoft wireless keyboards. Last year Samy Kamkar’s KeySweeper exploited Microsoft’s vulnerabilities. Both of those took advantage of shortcomings in Microsoft’s encryption.
(Score: 2) by Scruffy Beard 2 on Wednesday July 27 2016, @07:33PM
Have you tried to figure out a password from looking a fingerprints? Touch-screens have too many fingerprints to easily discern the ones caused by entering the password.
My own password has mixed case, which requires the use of the shift "button".
My larger concern is that the phone may not do enough key-stretching to make my password secure against an off-line attack (I have device encryption enabled, but long passwords are almost impossible on a touch-screen)..