Microsoft wireless keyboards at risk, says researcher

There are an untold number of ways security can be breached in an IT system. Now security pros have another to worry about: Wireless keyboards.

Anything wireless, of course, is a threat vector, but many CSOs may not be worried about keyboards and their short-range transmissions. Instead the appeal of having fewer wires around a desktop is the lure. Besides, a hacker has to be close to pick up the signals with a keylogger, right?

Not if a device created by security researcher Samy Kamkar is legit. Kamkar says he’s built a wireless sniffer that fits inside what looks like a USB wall charger and picks up signals from Microsoft wireless keyboards transmitting on a 2.4GHz frequency. Kamkar dubs his creation  KeySweeper, it’s build around an open source Arduino Pro Mini microcontroller module for about US$80 in parts — or less, depending on its design.

“Keystrokes are sent back to the KeySweeper operator over the Internet via an optional GSM chip,” he writes on a post, ” or can be stored on a flash chip and delivered wirelessly when a secondary KeySweeper device comes within wireless range of the target KeySweeper. A Web-based tool allows live keystroke monitoring.

KeySweeper can send SMS alerts upon certain keystrokes being typed, for example, a bank’s URL. If the device is unplugged it appears to shut off, but a rechargable Lithium-Ion battery can be added — if the builder knows how to do it safely — keeps it going for a time. Otherwise a standard alkaline batter will do.

Kamar’s work leverage that of others who have also been able to figure out how to keylog Microsoft wireless keyboards; his addition is to cram a solution into a small space.

Cracking open a Microsoft keyboard helps determine frequency the sniffer should be looking for, and then an Internet search led Kamkar to another person who discovered that these keyboards can give up a MAC address to listen on. While there is encryption, a device created by others — and demonstrated at the CanWesSec 2010 conference in Vancouver — can decrypt the signals.

Kamir told VentureBeat the goal of his project is to create pressure on manufacturers of wireless devices to encrypt their signals. Microsoft told VentureBeat it is investigating the report.

Lesson for IT pros: In addition to all your other work, keep an eye on what’s plugged into every wall socket or extension cord in the building.

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web