Author Topic: Snooping through the power socket (Read 933 times)

DaBees-Knees · « **on:** July 15, 2009, 10:41:10 am »

http://news.bbc.co.uk/1/hi/technology/8147534.stm

Quote

Power sockets can be used to eavesdrop on what people type on a computer. Security researchers found that poor shielding on some keyboard cables means useful data can be leaked about each character typed. By analysing the information leaking onto power circuits, the researchers could see what a target was typing. The attack has been demonstrated to work at a distance of up to 15m, but refinement may mean it could work over much longer distances.

Hotel attack
"Our goal is to show that information leaks in the most unexpected ways and can be retrieved," wrote Andrea Barisani and Daniele Bianco, of security firm Inverse Path, in a paper describing their work. The research focused on the cables used to connect PS/2 keyboards to desktop PCs. Usefully, said the pair, the six wires inside a PS/2 cable are typically "close to each other and poorly shielded". This means that information travelling along the data wire, when a key is pressed, leaks onto the earth (ground in the US) wire in the same cable. The earth wire, via the PC's power unit, ultimately connects to the plug in the power socket, and from there information leaks out onto the circuit supplying electricity to a room. Even better, said the researchers, data travels along PS/2 cables one bit at a time and uses a clock speed far lower than any other PC component. Both these qualities make it easy to pick out voltage changes caused by key presses.

A digital oscilloscope was used to gather data about voltage changes on a power line and filters were used to remove those caused by anything other than the keyboard. "The PS/2 signal square wave is preserved with good quality... and can be decoded back to the original keystroke information," wrote the pair in a paper describing their work. They demonstrated it working over distances of 1, 5, 10 and 15m from a target, far enough to suggest it could work in a hotel or office. "The test performed in the laboratory represent a worst case scenario for this type of measurement, which along with acceptable results emphasizes the feasibility of the attack on normal conditions," they added. The pair said their research was "work in progress" and expect the equipment to get more sensitive as it is refined. The attack is due to be demonstrated at the Black Hat conference that takes place in Las Vegas from 25-30 July.

I had to smile when I read this article. In the late 1950’s when I worked on military cypher equipment this phenomena was well known. Additional screening in critical places and some very fancy filters in the power supplies were used even then. I suppose it does no harm to remind a new generation about the problem 50 years later. Just make sure you keep a good look out for an electricity company van parked at the end of your street.

Forested665 · « **Reply #1 on:** July 15, 2009, 02:43:35 pm »

ive heard of this and seen some tests being performed on it.
Only problem is you need to be living in a copper room as it can be picked up in the rf field as well.

DaBees-Knees · « **Reply #2 on:** July 15, 2009, 04:56:38 pm »

In practical terms the problem can be fairly easily cured, but at a cost. The advent of cheaper equipment, particularly from China, has meant that very little attention has been paid to this problem in PC's. Some basic RF suppression is built in as western governments insist on it. Even in the article above they could only detect at short distances and that, I presume, was using the latest equipment. I think most of us would notice someone that close constantly monitoring what we do. So don't start sweating yet.

Forested665 · « **Reply #3 on:** July 15, 2009, 07:43:22 pm »

FCC ID: E5XKB5317
these models have ineffective shielding on the cable making it an antenna lol.

The better made keyboards have sheets of mylar on top and bottom to help surpress rf emission from the board itself.

Trestor · « **Reply #4 on:** July 15, 2009, 09:20:14 pm »

I suppose a wireless keyboard is vulnerable as well, albeit in a different way.

Forested665 · « **Reply #5 on:** July 15, 2009, 10:35:07 pm »

No same way trestor. rf is rf....

Bluey_412 · « **Reply #6 on:** July 16, 2009, 05:41:43 am »

Ermmm, Lemme check the date, guys...

Not April 1?

White Stripes · « **Reply #7 on:** July 16, 2009, 06:50:40 am »

this can be done with signals sent through your monitors cable as well.... to get a birds eye view of whats on your monitor... (demonstrations are available online... google is your friend tho cos i cant think of any links)

dabees may have heard the term 'really free intelligence' as a joke acronym for RFI..... (radio frequency interference)

also... old computers 'the kind that filled a room' could be made to play music (albeit crude music) by holding an AM radio next to the core memory unit and rapidly changing segments of it... (or in other words changing the contents of system ram at specific speeds and patterns to create musical RFI)

wanna snoop on yourself and have a portable AM radio handy? tune the radio to a place on the 'dial' that doesnt have a station on it.... now put it near your keyboard cable and type.... put it near your monitor to hear its noise (this is especially vibrant noise if its a CRT) or near the cat5 cable running between your comp and the router and start... then stop... a download or upload... notice anything?

as an off topic to forested; turning off my CRT monitors actually let me listen to the shortwave band... before it was full of unusual noise that didnt dawn on me what it was till the antenna fell back and actually touched the monitor.... was definitly a 'oh... duh!' moment....

Forested665 · « **Reply #8 on:** July 16, 2009, 04:15:50 pm »

Imagine using a crystal filter set. I had to turn everything upstairs off including the lights.
Im thinking a power conditioner might be a worthwhile investment for it.