Becoming A Victim of Keylogging and Fraud – Through The Power Socket

A research paper has been published which suggests that all of the keystrokes made on a computer user’s keyboard could be released into the outside world for fraudsters, criminals and thieves to see – via the target’s power socket.

Andrea Barisani and Daniele Bianco of Inverse Path, a self claimed “international consultancy dedicated to helping clients with the design and implementation of secure networks and infrastructures”, published their research paper which claims that keyboards with bad shielding and inappropriate security may allow the data that is typed on them to be seen by those with the technology to access it through more unusual methods.

An inspection that the researchers did on PS/2 keyboards showed that the wires within the cables are usually “too close to each other and poorly shielded”, meaning that the data travelling along the keyboard wire could unexpectedly leak into the ground cable which provides power to the main processing unit of the computer.

The researches said that their “goal” is to reveal how simple information can leak into the outside world in the most “unexpected ways”. They also said data could be leaked in the same way because the clock speed the keyboard uses is much lower than all other PC peripherals, meaning the data is easily accessible.

“The PS/2 signal square wave is preserved with good quality… and can be decoded back to the original keystroke information…The test performed in the laboratory represent a worst case scenario for this type of measurement, which along with acceptable results emphasizes the feasibility of the attack on normal conditions,” the pair said.

Because the research was done over distances of up to fifteen metres from the target keyboard, it is likely that this could happen in an office. I find it truly fascinating to thing of the numerous ways in which people can gain access to property and to files which simply aren’t theirs. I think this is a fine bit of research from those from Inverse Path and I’m sure it will make companies quickly look into putting procedures to prevent this in place. All I want to know is that, although it doesn’t have any wires directly connected to the keyboard, could the wireless keyboards and their receivers potentially work in the same manner? Leave a comment with your thoughts.