Forgot your password?
typodupeerror
Security Power

Stealing Data Via Electrical Outlet 208

Posted by timothy
from the accidentally-forget-to-label-some-220v-outlets dept.
Ponca City, We love you writes "NetworkWorld reports that security consultants Andrea Barisani and Daniele Bianco are preparing to unveil their methodology at the Black Hat USA conference for stealing information typed on a computer keyboard using nothing more than the power outlet to which the computer is connected. When you type on a standard computer keyboard, electrical signals run through the cable to the PC. Those cables aren't shielded, so the signal leaks via the ground wire in the cable and into the ground wire on the computer's power supply. The attacker connects a probe to a nearby power socket, detects the ground leakage, and converts the signal back into alphanumeric characters. So far, the attack has proven successful using outlets up to about 15 meters away. The cost of the equipment to carry out the power-line attack could be as little as $500 and while the researchers admit their hacking tools are rudimentary, they believe they could be improved upon with a little time, effort and backing. 'If our small research was able to accomplish acceptable results in a brief development time (approximately a week of work) and with cheap hardware,' they say, 'Consider what a dedicated team or government agency can accomplish with more expensive equipment and effort.'"
This discussion has been archived. No new comments can be posted.

Stealing Data Via Electrical Outlet

Comments Filter:
  • usb keyboard? (Score:5, Interesting)

    by screamphilling (1173499) on Sunday July 12, 2009 @05:00AM (#28666103)
    what about usb keyboards? those wires are shielded. the compared the signal to a mouse signal so I'm assuming they're talking about ps2. still interesting(alarming) surveillance technology nonetheless
    • by siloko (1133863) on Sunday July 12, 2009 @05:14AM (#28666143)
      which is one of the reasons why I purposely get my password wrong, constatnly. Hold on who is this siloko person!?
    • by MoFoQ (584566) on Sunday July 12, 2009 @05:14AM (#28666145)

      even usb uses a GND and the D+/D- (data wires) aren't isolated from the GND.
      Plus most GND is typically a common ground (through the chassis and to the ground of the power cable).

      and if you consider the fact that this was done by unfunded, tiny group in just a week....makes ya wonder what the NSA or any other BIGGER and better funded group would have up their sleeves.

      looks like I have to come up with a random noise generator to hook up to the ground of my power outlets.

      • by commodoresloat (172735) * on Sunday July 12, 2009 @05:18AM (#28666151)

        looks like I have to come up with a random noise generator to hook up to the ground of my power outlets.

        Too much work. Just do what I do -- don't ever type anything worth reading.

      • looks like I have to come up with a random noise generator to hook up to the ground of my power outlets.

        Vacuum cleaner? Microwave? Air conditioning?

        • by siloko (1133863)
          Vacuum cleaner? Speak for yourself! My vacuum cleaner hose doubles as a microphone and a more melodic password obfuscator has rarely been heard!
      • by arctanx (1187415) on Sunday July 12, 2009 @05:41AM (#28666227)

        looks like I have to come up with a random noise generator to hook up to the ground of my power outlets.

        Try not to get stabbed by any local amateur radio operators.

        • Re: (Score:3, Interesting)

          by Hurricane78 (562437)

          We musicians have our tricks and devices to get rid of power-line disturbances. I recommend looking for such a device in a big store for musicians and a guide on the net.

      • Many 'net junkies like to say things like "Information wants to be free!" as if there was something anthropic about information.

        But information is the foundation of the Universe, so much so that quantum mechanics is routinely described with terms like "information loss" and even measured. It's almost like Douglas Adams was right all along, and the universe actually is a large supercomputer trying to find out the answer to life, the universe, and everything. Where are the hyper-intelligent mice?

        But if the un

        • Re: (Score:3, Informative)

          by drinkypoo (153816)

          In this case, there is an easier way, and it's called optical links, which don't radiate RF when you send photons through them.

      • by kdemetter (965669)

        I'll have to read this article , because i'm somehow about this.
        Normally , a power supply contains a rectifier , so this should mean the signal can't be carried back.

        I'll have to do some tests on this.

        • Normally , a power supply contains a rectifier , so this should mean the signal can't be carried back.

          Current going into a diode will tell you the impedance coming out of the diode.

        • Basicaly what happens is the keyboard induces current in the ground line

          Since keyboards and mice signals are in the 1 to 20 kHz range, a filter can isolate that range for listening, they say.

          so the answer is to filter out the 1-20KHz range to reduce the level of ground loop feedback and insert some pink noise at the 1-20Hz range into the ground to further bury the signal into the noise.

      • by wall0159 (881759)

        "looks like I have to come up with a random noise generator to hook up to the ground of my power outlets."

        There would already be a lot of noise in the signal which they must be able to filter already. You'd probably be better off connecting something that mimicked a series of keyboards with keystrokes that were plausible. This would not be random at all, and your keyboard would then be one keyboard hiding among many keyboards, rather than a single keyboard hiding within (approximately white) noise -- which

        • What about a device that loops and delays the signals coming from the keyboard, and runs those down the line. With the current keystrokes as well as those from 30 seconds ago, and those from 3 minutes ago, etc, that might be too much similar signal to get something coherent out of.

          Similar to a looping/distortion pedal for a guitar/instrument.
      • Strange, a keyboard sniffing technique where Bluetooth keyboards are safer than wired...
        • Probably not uncommon, actually. Since, outside of fairly seriously paranoid applications, wire is treated as intrinsically safe from eavesdropping, the only real standard constraining leakage is the FCC and/or crosstalk that keeps the design from working

          With wireless, on the other hand, trivial eavesdropping is a basic assumption. This doesn't mean that designers won't fuck it up(Hello, WEP); but the matter is at least considered.
      • ...makes ya wonder what the NSA or any other BIGGER and better funded group would have up their sleeves.

        There are probably some NSA designers out there reminding everyone that it was inevitable someone would figure it out and luckily they still had 500 more ways to get the same data.

        Years ago at Hanford they were doing some experiments monitoring the power going into a house. Discovered they could tell exactly what was going on in every room at any given moment just by watching minor fluctuations in t

      • Re: (Score:2, Interesting)

        by asCii88 (1017788)
        or use dvorak
      • by budgenator (254554) on Sunday July 12, 2009 @12:36PM (#28667983) Journal

        even usb uses a GND and the D+/D- (data wires) aren't isolated from the GND.
        Plus most GND is typically a common ground (through the chassis and to the ground of the power cable).

        and if you consider the fact that this was done by unfunded, tiny group in just a week....makes ya wonder what the NSA or any other BIGGER and better funded group would have up their sleeves.

        looks like I have to come up with a random noise generator to hook up to the ground of my power outlets.

        Now you know why the NSA and the other spooky types keep their classified equipment running off a generator powered by an electrical motor rather than connecting directly to the power grid. When you absolutely have to keep something secret nothing beats Faraday cages, air-gaps and mechanical isolation from the power grid.

      • by chriso11 (254041)

        The D+/D- wires are differential, in which the signal is coupled, and so it will radiate and affect the ground current much less - probably by 2+ orders of magnitude, compared to single-ended signals.

    • by Anonymous Coward on Sunday July 12, 2009 @05:33AM (#28666197)
      Root is like crack. Don't smoke it. I did once and got hooked. I ran Mac OS Updates as root. ****, I even had sex with my girlfriend as root. Man, that caused some permissions problems. When I started the road to recovery (logging in as Zacks) my girlfriend was all like: "**** no! You can't get any cause you don't own me an I don't go groups. You don't have the power to read, write OR execute so get out of my FACE" So I was all HELL NO bitch. And she wuz like you do not have root (superuser) privlages so get out of my TruBlueEnvironment! So then I went chown and chmodded her ass to me. Dat be-otch be up in my hizzouse. What what. Holla!
    • by Wowsers (1151731)

      What about wireless USB keyboards, we all know that they're safe because radio waves are not receivable by anyone else are they..!?

      I bet the security story would be used by the likes of Intel and Microsoft to justify the (un)Trusted Computing platform wet deam of theirs.

    • by Cylix (55374) on Sunday July 12, 2009 @08:33AM (#28666789) Homepage Journal

      another approach is to use wireless keyboards.

      No ground fault attack is possible since I'm using batteries!

      I've been fighting the man for so long I've got a million tricks like this up my sleeve.

    • Re:usb keyboard? (Score:4, Informative)

      by thogard (43403) on Sunday July 12, 2009 @10:00AM (#28667071) Homepage

      A USB keyboard will still do a slow scan of row and column and the resistance will go up per keypress and that is what they are looking at. If you can identify the scan frequency, then you can look for current changes at the right times and reconstruct the matrix of key presses. Since most PCs use the same matrix, its trivial to convert the matrix with unknown start values into known start values once you find 0x39 (space bar) shifted some random way and frequently pressed.

  • Dupe? (Score:2, Informative)

    by Anonymous Coward
    • Re: (Score:2, Informative)

      by Anonymous Coward

      Yes, looks like a dupe and the important bit of info is that only PS/2 keyboards are really vulnerable. USB cables are shielded better. Can anyone confirm TFA is the same case?

    • I've read both Slashdot articles. They look similar to me. The older one is far superior.

      Basically, if you have a keyboard of poor quality that has poor shielding and no noise reduction components, it is possible to read signals. The question is, which keyboards and computers are poorly designed and poorly shielded?

      Read the complete story: This PDF, not referenced by Slashdot, tells the whole story: CanSecWest/core09 March 16-20, 2009 [cansecwest.com] (PDF). Quote from page 41: "This doesn't work against USB keyboards because of differential signaling". Also, on page 12: "The [PS/2 keyboard] wires are very close to each other and poorly shielded".

      Slashdot articles of especially poor quality: Are they paid advertisements? I've read Slashdot articles for years, and there is now a new phenomenon. A publication runs an article of very poor quality and Slashdot links to it, possibly to lead Slashdot readers to the publication so that they will read the ads. This article was submitted to Slashdot by a professional writer, Hugh Pickens [hughpickens.com], who is possibly acting as a public relations agent. He has written at least 413 Slashdot articles [hughpickens.com]. Does someone at Slashdot accept money to publish his articles?

      Quote from the OLDER article referenced by the OLDER Slashdot story:

      'March 12, 2009, 02:46 PM - IDG News Service -

      'Inverse Path researchers Andrea Barisani and Daniele Bianco say they get accurate results, picking out keyboard signals from keyboard ground cables.

      'Their work only applies to older, PS/2 keyboards
      [PS/2 connector, not PlayStation], but the data they get is "pretty good," they say. On these keyboards, "the data cable is so close to the ground cable, the emanations from the data cable leak onto the ground cable, which acts as an antenna," Barisani said.

      'That ground wire passes through the PC and into the building's power wires, where the researchers can pick up the signals using a computer, an oscilloscope and about $500 worth of other equipment. They believe they could pick up signals from a distance of up to 50 meters by simply plugging a keystroke-sniffing device into the power grid somewhere close to the PC they want to snoop on.

      'Because PS/2 keyboards emanate radiation at a standard, very specific frequency, the researchers can pick up a keyboard's signal even on a crowded power grid. They tried out their experiment at a local university's physics department, and even with particle detectors, oscilloscopes and other computers on the network were still able to get good data.'
  • laser pointer (Score:3, Insightful)

    by timmarhy (659436) on Sunday July 12, 2009 @05:19AM (#28666157)
    very clever how hey grab info using a laser pointer and measuring the vibrations. i'm afraid you might notice the big red dot on your computer though. sienfield flash backs.
  • Done that (Score:5, Informative)

    by Anonymous Coward on Sunday July 12, 2009 @05:34AM (#28666201)

    The SIGINT in the Netherlands did this kind of stuff well before the new millennium, including reading the screen (LCD or CRT) and audio by tapping into the ground or pointing a dish to the emitting circuit, one of the reasons why the whole building handling sensitive information must be encased, making it practically a faraday cage. Only disadvantage is that your cellphone doesn't work although the SIGINT saw that as an advantage.

    • by Kuroji (990107)

      Well, when you get down to it, any outside communications that isn't through a secure line is a possible liability. You don't want someone waltzing in and sending out sensitive information on a phone call. Granted, if they're determined they'll get that information one way or another, but that's where SIGINT ends and HUMINT begins.

    • Re:Done that (Score:4, Interesting)

      by Rakishi (759894) on Sunday July 12, 2009 @06:11AM (#28666297)

      Hell if I remember correctly my old motherboard had a setting to add random noise so the memory chips couldn't be read from their emissions. So yeah, it's an old and well known problem.

    • Old college roommate, former Air Force Intelligience type, one day decided to give me something to think about when I was trying to be more secure with my PC... "Don't you think when you push 'A' on your keyboard or push 'B' on your keyboard that something ever so slightly different happens in your power supply?"

      It's very old news amongst SIGINT types...

  • I'm guessing (hoping?) this doesn't work if you have an in-line UPS (that conditions power constantly) as that should hopefully futze (technical term, really) the signal up? I'd be curious to know about that. I'm also assuming this doesn't work for USB as well since most computers have multiple USB devices (hopefully transmitting/receiving enough to mask the keyboard signal).
    • by sjames (1099)

      I doubt it will help. The ground on a UPS is a pass-through.

      USB would at least make it harder.

  • tempest (Score:5, Informative)

    by arabagast (462679) on Sunday July 12, 2009 @05:48AM (#28666245) Homepage

    http://en.wikipedia.org/wiki/TEMPEST [wikipedia.org] - the fact that these guidelines exist, means that this is in not new.

    • Re: (Score:2, Informative)

      by hebertrich (472331)

      Similar techniques are at least 40 years old.
      One of the ways described in litterature makes use of the variation
      in current in the ac line.Others were simply picking up the rf and used a
      tv monitor with variable h and v frequencies to actually look at what was on the
      monitor.
      Still .. it's no big news . they are simply reproducing what's been known
      for ages .. computers are easy to intercept because they radiate massive
      amounts of RF.

    • Re: (Score:3, Informative)

      by CharlieG (34950)

      Not only not new, but the codeword Tempest was declassified in the 80s - not the standards, just the codeword. The Government has been doing this for a LONG time

  • by Anonymous Coward on Sunday July 12, 2009 @05:50AM (#28666247)

    If the cops or feds really want to spy on you, you will have a hard time preventing it. My advice is not to attract their attention in the first place.

    If you're someone like the mafia, you can't use electronic devices and you can't write anything down. Each of your clandestine conversations has to be in a different noisy location so they can't set up a directional microphone or bug. You also have to prevent them from getting a deaf person to lip read you. (I don't have direct experience with criminal gangs but anyone can observe that they usually aren't brought down by wiretaps. The big prosecutions of mafia bosses usually resulted from getting an underling to rat on his boss.) The point is that anyone worried about being spied on can and will take measures to prevent it.

    Spying on someone is expensive. Spying on someone's key clicks is particularly expensive and probably won't produce great results. Someone tried an experiment of bugging an office by shining a laser on the window. The results were disappointing. The vast majority of the conversation was uninteresting. The experimenters decided that no useful information would have been gathered.

    Tapping telephones and data links is relatively easy (compared with sniffing keystrokes). Stealing someone's laptop is usually also easy. Unless I'm taking measures against those kinds of spying, I'm not worried about having my keystrokes sniffed. If I were at danger of being spied on, I would be much more worried about being betrayed by a 'friend', associate, or employee.

  • The military has had line filters and other protocols to deal with this exact issue in place for at least 20 years now.

    And no, that's not idle speculation, it was one of the things we had to deal with when I was in the military.
    It's even referred to by one of those silly military project names.
    Sorry, I'm not sure if I can post the name, so I won't.
    (If someone else posts it, correctly or otherwise, I will neither confirm nor deny it's accuracy, so please don't ask.)
    • by Kupfernigk (1190345) on Sunday July 12, 2009 @07:47AM (#28666605)
      Oh dear. I too have signed the Official Secrets Act, and I can tell you that none of the basic stuff is classified at all. No need to make a big mystery of it. Indeed, when working on a restricted project in the early 1980s which involved detecting very small signals, we borrowed a full EMI secured trailer to use backwards (i.e. keep all the external RFI out, including that down all power lines.), and no security measures were applied to its use. Subsequently I worked on EMC for a while, and all the power line and data line securing technology has been in the public domain for ages, along with EMI gaskets for faraday cages, various means of applying conductive films, silver loaded epoxies, CRT enclosures and the rest. The stuff available from Japanese companies on the commercial market was far more advanced than the approved military technology we had been using, owing to the delay involved in the military approvals process.

      Securing notebooks is of course much easier than securing PCs because the keyboard data doesn't go outside the system. The intro to the article appears confused. Any signal on the earth line has to be due to capacitative coupling between a keyboard and external ground owing to the well known law that the sum of all the currents in all circuit paths to any junction must be zero. If you want to improve security against ground line signalling when using a notebook, run it on battery using secured wireless networking, and use the built in keyboard and monitor.

  • , 'Consider what a dedicated team or government agency have already accomplished with more expensive equipment and effort.'"

    FTFY.

  • Stealing power is where it's at. They should come up with a way to steal power instead.
  • you can't "steal" data.

    you can compromise the data, hack it, crack it, breach the computer, etc, but its not theft.

    Please don't promote this butchery of the english language being perpetrated by luddites and imbeciles so paranoid they feel the need to apply a double standard in which the bill of rights does not apply on the internet.

    • by petes_PoV (912422)
      Although I agree, the term is so misused these days (particularly in reference to "theft" of copyrighted information) that it has been devalued. Because we are all brought up to consider stealing to be bad, the spin-doctors are tapping into our conditioning to elicit an emotional response that is rarely warranted.

      In my mind, if you have something and I take it off you, that's stealing as you don't have it any more.
      If you have something and I copy it, that may well be a crime, or immoral, but provided you

    • by dissy (172727)

      Please don't promote this butchery of the english language being perpetrated by luddites and imbeciles so paranoid they feel the need to apply a double standard in which the bill of rights does not apply on the internet.

      Sadly for this specific case, "Hey! He stole my idea!" was in use in English long before the Internet existed.

      That old saying will be a lot harder to get people to stop saying/thinking than all the newer made up stuff where 'theft' means 4-5 different crimes, only one of which is actually theft.

    • Mmm. And what of all those spies who have been charged with stealing secrets?

  • Some/all of APC's surge suppressors contain in-line EMI filters [google.com].

    Is that enough to stop this hack?

    • That kind of EMI filtering reduces interfering signals (coming in and going out), but does not eliminate them. If the signal is low enough not to interfere with other equipment that is good enough. The conducted emissions testing required for FCC, EC, etc has limits (more strict at higher frequencies). If the measured signal is below the limit you pass, but the signal is still measurable.

  • by biduxe (541904) <nunomilheiro@@@gmail...com> on Sunday July 12, 2009 @06:53AM (#28666429)

    A great deal of people here already know, but for the others:
    http://www.erikyyy.de/tempest/ [erikyyy.de]

    Software to generate images (noise) on your CRT screen so that the generated interference will translate as sound you can listen to on a radio receiver

    It works great to listen to music when you do not have a sound card!

  • Mechanical Solution (Score:4, Interesting)

    by MDMurphy (208495) on Sunday July 12, 2009 @07:21AM (#28666513)

    I worked in a facility that was fully TEMPEST shielded in the 80's. Dual airlock doors with full metal seals to get in. The power line leakage problem was taken care of a motor/generator setup. Incoming power only went to an electic motor. The motor was connected by a shaft which spun a generator to supply power to the computer room. With only a mechanical connection no data would be leaking back.

    • by DoofusOfDeath (636671) on Sunday July 12, 2009 @07:55AM (#28666635)

      I worked in a facility that was fully TEMPEST shielded in the 80's. Dual airlock doors with full metal seals to get in. The power line leakage problem was taken care of a motor/generator setup. Incoming power only went to an electic motor. The motor was connected by a shaft which spun a generator to supply power to the computer room. With only a mechanical connection no data would be leaking back.

      So that's basically a mechanically implemented low-pass filter, right? I would think that it would be easier and cheaper to implement electronic low-pass filters at each wall outlet. Especially if you're worried about someone plugging a sniffer into one of the facility's interior power outlets.

      • Re: (Score:3, Insightful)

        by timholman (71886)

        So that's basically a mechanically implemented low-pass filter, right? I would think that it would be easier and cheaper to implement electronic low-pass filters at each wall outlet. Especially if you're worried about someone plugging a sniffer into one of the facility's interior power outlets.

        But it wouldn't be cheaper, and it would definitely be less secure. With a mechanical low-pass filter, you have one central node you have to maintain. You have a big capital outlay, but once built, the motor-generat

        • Re: (Score:3, Insightful)

          by DoofusOfDeath (636671)

          So that's basically a mechanically implemented low-pass filter, right? I would think that it would be easier and cheaper to implement electronic low-pass filters at each wall outlet. Especially if you're worried about someone plugging a sniffer into one of the facility's interior power outlets.

          But it wouldn't be cheaper, and it would definitely be less secure. With a mechanical low-pass filter, you have one central node you have to maintain. You have a big capital outlay, but once built, the motor-generator combo is very, very reliable, and needs little maintenance. It is practically impossible for a lone attacker to compromise it. With electronic low-pass filters at each outlet, you have hundreds (if not thousands) of nodes to monitor and maintain (consider the ongoing expense of that), and it becomes very easy for a single person to compromise one of those nodes using just a screwdriver.

          Good security is never just a matter of money. It's a matter of understanding how attackers behave, knowing how people and equipment can be compromised, and then spending money wisely, even if not frugally.

          But the mechanical barrier is so big and expensive that you can only afford to have them at major barriers. That still leaves all the devices on the "trusted" side of the barrier as running on what's essentially a big, trusted data bus.

          If someone can sneak a sniffer into the secure area and plug it into an unmonitored electrical outlet that's electrically near a secure system, then you have a problem.

          So I guess the question is, do you trust all the people on the inside? And do you adequately scrutinize a

          • by CharlieG (34950)

            Sneaking a sniffer into a temest secure facility - OH, YOU are a funny person, even if you don't mean to be - hint - no electronic devices in or out, and you have a TS clearance just to walk in the front door

            Up until the mid 1980s (can't remember the exact year) the codeword TEMPEST itself was classified at least Secret - I never needed to know more than "It's a kind of RF testing - here are some of the labs that do it, get some quotes for us" - and no, it wasn't done over the phone. I remember when it was

    • by JohnFluxx (413620)

      Wouldn't a voltage fluctuations inside simply become resistive fluctuations in the motor, causing the motor speed to fluctuate, and thus cause fluctuations on the supply power?

      • by Mal-2 (675116)

        Wouldn't a voltage fluctuations inside simply become resistive fluctuations in the motor, causing the motor speed to fluctuate, and thus cause fluctuations on the supply power?

        Sure, but rotational inertia would smooth them away unless the signal was at 0.1bps or so...

        Mal-2

      • Re: (Score:3, Interesting)

        by dkf (304284)

        Wouldn't a voltage fluctuations inside simply become resistive fluctuations in the motor, causing the motor speed to fluctuate, and thus cause fluctuations on the supply power?

        If there's a flywheel in there (and the sheer mass of the rotor assemblies will act as one) then the fluctuations will be so small that it'll be just about impossible to see anything, even with top quality equipment attached at the perfect point (on the outside, of course).

        The other possibility is to just put a lot of other disparate busy traffic on in the inside too. Sure you'll be seeing fluctuations, but you'll never figure out what they mean; for all you know, that glitch you've just measured isn't a pa

  • With all the sh.... they pump out from the EHT circuitry and SMPS, I would expect them to do a pretty good job of blowing away any microvolts that come from the keyboard.

    So far as this being a practical way of eavesdropping - I don't buy it. There are lots more established methods of discovering what people are typing, plus this seems to completely overlook all the activity from the mouse. Governmant agencies? Nah, if money was an issue, they'd just kick the door down and take your PCs away. if they want

  • my apartment only has grounding wires in the kitchen, so i'm safe.
  • Inventors of the methodology were last seen being vigorously helped into vans by friends of their.
  • by Ancient_Hacker (751168) on Sunday July 12, 2009 @09:58AM (#28667061)

    This "Story" is a bogus rehashing of old, old methods. Old as in 60 to 80 years old. The NSA has been grabbing serial teletype signals off adjacent signal and power wires for at least that long.

    It's old and in this case quantitatively bogus. The keyboard signals are milliamps. The leakage to chassis ground will be at least 40dB down, or under a microamp. The leakage from there to earth ground will be at least another 20dB down so we're down in the nanoamp range. By comparison the background ground currents from the PC's switching power supply and other devices will be several thousand times greater. If there's a light dimmer on the same circuit the noise will be nearly a million times greater. You can't combat that kind of background noise.

    Same problem with the keyboard vibrations-laser scheme. They got the idea from a 1930's detective story where the secretary put her gold cigarette case under the phone receiver so her typing could be heard on the other end. Old!

    But that only had a chance of working because each typewriter key row has a specific length of lever and spring, plus the typefaces are arrayed in a curve, so each one strikes the paper from a different angle, giving the listener an opportunity to guess the letter from the combination of X info from the length of the lever and spring, and Y info from the typeface strike angle.

    But that is completely inapplicable to a modern keyboard, where THE KEYS ARE ALL IDENTICAL. No differing row and arc info at all. Maybe a teensy difference if the keyboard base is flimsy and has a slight change in resonance across the board. But unlikely.

    I call bogus.

    • by hax4bux (209237)

      Yup, I'm w/you. There are several exploits but your point is spot on, old electro-mechanical (read motor driven) consoles/printers were exploitable and this was a well known topic within the TEMPEST community.

      For a modern keyboard, not only is it hard to tell the difference between keys but it would be hard to tell the difference between computers as well. In addition to the information supplied above, this is a testimony to modern manufacturing as well (uniform products all make the same noises).

      For all

  • I just cut 2 power cables off of old power supplies, I have spliced the cut ends together; pos to pos, neg to neg, grd to grd. It's one long cable terminating in a 3 prong power plug at each end!

    It's so eloquent!!!

    Now all I have to is plug one side into an outlet and plug the other side into another outlet that is about 5 feet away!!!
    I'm sure It'll probably send those secret stealing feds into an endless loop.

    I've got one side plugged in, just gotta get this other side plugged in and THEN WE'LL SEE WHO'S LA

  • I wonder if having a isolation transformer, or UPS keeps this from happening.

  • Looks like time to start adding random noise to the ground line.

    Next problem please.
  • If our small research was able to accomplish acceptable results in a brief development time (approximately a week of work) and with cheap hardware, consider what a dedicated team or government agency can accomplish with more expensive equipment and effort.

    There was a Slashdot story about this recently [slashdot.org], though the equipment was a bit simpler, basically a piece of paper saying "List all your social networking sites and passwords along with your job application."

"Regardless of the legal speed limit, your Buick must be operated at speeds faster than 85 MPH (140kph)." -- 1987 Buick Grand National owners manual.

Working...