
Hackers can use power sockets to record your keystrokes using a voltmeter

Until now, we have heard of hackers using phishing or installing trojans on a victim's computer to record keystrokes and steal account information. Numerous programs and methods are recommended to prevent such attacks, the most common being antivirus programs and firewalls. Even a layperson new to the world of the internet knows the dos and don'ts of staying secure. It is therefore getting difficult for hackers to come up with new methods to play with the privacy of their victims, as people are becoming more concerned about their privacy.

Two independent researchers, Andrea Barisani (alias lcars) and Daniele Bianco (alias danbia) at Inverse Path, came out with a security loophole in keyboards, especially PS/2 and laptop keyboards, that can enable a hacker to record your keystrokes just by connecting to your power grid, and no antivirus program or firewall can detect this kind of sniffing. Because the vulnerability is caused by the poor standard of the wires used inside the keyboard cable, even an advanced computer user is vulnerable to such an attack. All the hacker needs is access to your power grid, and there is nothing you can do to prevent it with the currently available hardware. The work of Andrea and Daniele is greatly appreciated, and their presentation has been invited to PH-Neutral, Shakacon, BlackHat and DEFCON.

Let's understand what exactly this is all about. Current keyboards, especially PS/2 keyboards and those used inside laptops, use relatively cheap homemade insulation around the tiny wires inside the main cable connecting the keyboard to the computer. This is absolutely fine as long as we only ask that the insulation be enough for the keyboard to function properly. A normal PS/2 cable has 6 pins, four of which carry data, ground, +5 V and clock. As the wires are very close to each other and not well insulated, information leaks from the data wire to the ground wire through electromagnetic coupling. The ground wire, as well as the other cable shielding, is routed to the main power adapter ground, which is then connected to the power socket and finally to the electric grid of the area. This eventually leads to keystrokes leaking onto the electric grid, where they can be detected on the power plug itself and on nearby plugs sharing the same electric lines.

PS/2 keyboards use very low clock frequencies compared to other computer components. While most frequencies inside the CPU are measured in MHz, the clock frequency of PS/2 keyboards lies in the 10 - 16.7 kHz range. The keystrokes are also transmitted 1 bit at a time. This makes the data coming from the keyboard easily separable from other clock signals after a deep analysis of the data received.

The hack can be done easily with any physical contact to the victim's ground through a piece of metal, like a toilet pipe, or even with access to the same power line within the same building. It is believed that USB keyboards are not affected by this attack, as they use differential signaling to cancel the noise.
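To show why the low PS/2 clock rate stands out from everything else on the line, the following added example (not code from the original article or from the researchers) measures how far the strongest tone in the 10 - 16.7 kHz band rises above the out-of-band noise floor, the kind of check you could run on a ground-line capture from your own equipment. The trace is constructed, and the sample rate, amplitudes and function names are assumptions.

```python
import math
import random
import statistics

PS2_CLOCK_BAND_HZ = (10_000, 16_700)  # PS/2 clock range given in the article

def goertzel_power(samples, k):
    """|X[k]|^2 of a single DFT bin, computed with the Goertzel recurrence."""
    coeff = 2.0 * math.cos(2.0 * math.pi * k / len(samples))
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2

def ps2_band_margin(samples, sample_rate, band=PS2_CLOCK_BAND_HZ):
    """Return (peak_hz, margin_db): strongest in-band tone vs. the
    median power of all out-of-band bins (a hum-robust noise floor)."""
    n = len(samples)
    in_band, out_band = {}, []
    for k in range(1, n // 2):
        hz = k * sample_rate / n
        power = goertzel_power(samples, k)
        if band[0] <= hz <= band[1]:
            in_band[hz] = power
        else:
            out_band.append(power)
    peak_hz = max(in_band, key=in_band.get)
    floor = statistics.median(out_band)
    return peak_hz, 10.0 * math.log10(in_band[peak_hz] / floor)

def synth_ground_trace(keyboard_active, sample_rate=50_000, n=1000, seed=7):
    """Constructed sample data (assumed values): 1 V of 50 Hz mains hum,
    10 mV of noise and, optionally, a 20 mV coupled 12.5 kHz clock."""
    rng = random.Random(seed)
    half_period = sample_rate // (2 * 12_500)  # samples per half clock cycle
    trace = []
    for i in range(n):
        v = math.sin(2 * math.pi * 50 * i / sample_rate) + rng.gauss(0.0, 0.01)
        if keyboard_active:
            v += 0.02 if (i // half_period) % 2 == 0 else -0.02
        trace.append(v)
    return trace

if __name__ == "__main__":
    for active in (False, True):
        hz, db = ps2_band_margin(synth_ground_trace(active), 50_000)
        print(f"keyboard_active={active}: peak {hz:.0f} Hz, {db:.1f} dB above floor")
```

Even though the coupled clock is fifty times weaker than the mains hum in this constructed trace, it sits far above the noise floor once the band is examined on its own.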
