Spyware, Viruses, & Security forum

General discussion

Security regarding cordless mouse and keyboard

by JamesV-L / February 8, 2005 5:23 PM PST

My very hi tech employer has decided that cordless mice and keyboards are a security risk so we've had to revert. Has anyone any idea of the signal strength etc of any sort of cordless device? MORE IMPORTANTLY, while one could conceivably pick up the keystrokes from a keyboard, what is there to pick up from a mouse? Anyone out there work for a Defence or National Security organisation? The reason given to me is that the signal sent is not the criterion, rather it is the potential sensitivity of a receiver!!! Am I out of my mind to object?

Discussion is locked
You are posting a reply to: Security regarding cordless mouse and keyboard
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Security regarding cordless mouse and keyboard
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
it might be true
by Melati Hitam / February 9, 2005 1:28 AM PST

Like you already said, someone can tap to a keystroke..

as for a mouse, someone can have a mouse and move around running, copying, deleting something from a distance..

That's the simplest thing I can imagine.

Collapse -
I won't personally have wireless...
by tobeach / February 9, 2005 2:21 PM PST

on home puter for security fears. I'm no techie but in my neck of the woods you need a judges order to tap a phone line (joke: I know) but nothing to stop you regarding radio waves. With tales of "war wagons" able to access from the street a block away why take those risks (either for uploading from yours or downloading into yours)??
Ask a neighbor of someone with young kids about what they pick up from their baby monitors. I know, 128 bit encryption, but ask the military why they need 512 bit or better... I can live with my mouses tail. Perhaps if a laptop always on the run, it might make some sense.
Hanging around this board ups the paranoia level of some of us (me !) Happy

Collapse -
Have wireless KB amd Mouse
by dawillie / May 31, 2009 3:03 PM PDT

Have had them for nearly 3 y.

No problem.

Collapse -
Be serious
by bsekora / February 10, 2005 9:38 PM PST

It never ends, the paranoia over invasions of privacy.
I have some wireless devices like this. Requires the push of a button at both ends witin a time limit to synch them to each other and have a functional working range of about 8' around the table.

It's conceivable that someone could use the antenna from the Greenwich Observatory to pick them up and a program to scroll through the security codes to intercept them, but why spend the an amount equal to the national debt just to figure out what web site I'm on?

Collapse -
overly concerned
by Rocker452 / February 10, 2005 11:03 PM PST
In reply to: Be serious

I don't really think this is that big of a security risk. The range of these devices is not that far,so you would have to be real close to intercept the signals. I guess if someone wanted to they could but seems to me not to be worth the time or effort.

Collapse -
Cordless
by dirtnapper / February 10, 2005 11:55 PM PST
In reply to: overly concerned

I went wireless...only because the our parrot was getting onto the desk and snipping the mouse and keyboard cables! I went through too many, this was the best! The distance is, for me, about ten feet..unless they are outside the window with a receiver I am not too concerned. If your work is sensitive, I would think they would have other measures installed as well to compensate for this... I am more concerned about my cell phone...I never use it for business with CC numbers or sensitive info... I remember the early days with scanners!

Collapse -
Frankly I'd be more worried about Prostate Cancer
by tbirk / February 11, 2005 12:40 AM PST

As other have said the range of these devices is so short (about 6 foot for the mouse and may be as much as 12 for the keyboard) with all these radio waves floating around in close proximty to your internal organs I would be more worried about Prostate Cancer.

Collapse -
Range and Encryption
by DarkHawke / February 11, 2005 2:30 AM PST

I'm no security expert, but I've had my wireless Logitech Cordless Duo set-up for over a year and a half and I'd never go back! It's a god-send to no longer have those wires to fight with, especially on the mouse! As far as security goes, the Logitech software for the keyboard has its own encryption scheme, though by default it's turned off. I couldn't tell you how secure it is, but another consideration is range of transmission. I've found the receiver for the whole works can pick up keystrokes from the 'board up to about 15 feet, which for me is the distance between the receiver and my front door. Taking the keyboard outside and with the door shut, the receiver picks up nothing. There is no encryption for the mouse that I know of. So, yes, I imagine that it is possible for someone who's really into malicious behavior to pick up and possibly hack a wireless set-up like this. If you are working in a high security circumstance, wired input devices would probably be the way to go. However, for the regular home user, I'd be FAR more worried about someone hacking into a wireless networking system. On balance, I think me and my nifty Logitech stuff are okay, security-wise.

Collapse -
Watch your back.
by GreenDot215 / February 12, 2005 6:55 AM PST
In reply to: Range and Encryption

Wireless devices have that one weakness that could be deadly with someone with the knowledge to pick up the frequency. Just think, how many times do you type in a password, or a SSN, or your credit card number? It would be relatively easy to find out the range of frequency the various keyboards work on, so all you have to do is use a reciever and the encryption software for keyboards that need a program installed to work.

I think it could be simple, kind of like a keylogger.

Collapse -
"Danger" of wireless devices.
by maj1947 / February 12, 2005 10:57 PM PST
In reply to: Watch your back.

Paranoia seems to be the keyword for any one that understands the technology and range limitations of RF mouse/keyboard devices used in the home environment.I would be FAR MORE CONCERNED about proper security measures one should take with wireless networks in general.Knowledge is a useful tool--try some.

Collapse -
Uh, yeah, though I addressed that.
by DarkHawke / March 4, 2005 8:25 PM PST
In reply to: Watch your back.

Like I just said, the range on the keyboard is relatively short, about 15 feet or so and fairly line-of-sight (though, of course, this being an RF technology, line-of-sight isn't required). From outside, nada. And the keyboard communication is specifically encrypted. So yes, it's theoretically possible for someone to pick up the transmission, decode it and use the information. But what's the likelihood? Slim to none for my purposes, though, as I ALSO previously said, if you're in a high security senario, the chances increase.

Some twit with more technological knowledge than decency may want to park himself outside of my house on the slim chance he could hack my wireless keyboard right when I was entering my credit card info or something, but I hardly think that's likely. Wouldn't this hypothetical twit rather hang outside my local Bank of America branch or military base? Can anyone even tell I'm using such a set-up whom I haven't told about it? I know from wardriving and warchalking, but that's an almost entirely different technology, and by the sheer fact that this kind of intrusion/hacking of wireless networks have such cyber-slang terms and there are no parallel terms for logging keystrokes from wireless keyboards, this should tell us all something!

Collapse -
Security regarding cordless mouse and keyboard
by DurangoJazz / February 13, 2005 12:17 AM PST

The employer has a good point. If he "doesn't worry about it" and nothing happens, then he has lost nothing, but if he "doesn't worry about it" and he is wrong, then he looses not only documentation but credibility as well and trust. He may even loose his business. In his case it is better to be safe than to be sorry. It would be "paranoia" if he stayed over night and guarded the computers. Where there is a will there is a way, THAT is the challenge. Dee Jae

Collapse -
answer 2 security risk about keystrokes in wirless board
by Tha Big Homie / February 27, 2005 3:00 AM PST

If something is not concealed, then there is a possible chance that information may leak out. But there is a limited range of transmitting ability between you and your computer. So someone would have to be very very close to you, and also have a special device designed to intercept signals transmitted from your keyboard to your computer. Not only that, but the person would have to really have it out for you to go through all that trouble just to find out some passwords. The answer to your question is yes, but there is a very low risk of someone going through all that trouble, and then finding one of the few people with a wireless keyboard, and staking out in or around your personal space. So there is not much to worry about.

Collapse -
it's been done- and range not an issue
by chlpatent / May 28, 2009 11:16 PM PDT

Sorry, folks, wireless keyboards have been hackable for many years, for example see the recent (2009) article at: http://www.theregister.co.uk/2007/12/03/wireless_keyboard_crypto_cracked/

The short range experienced by users and described in their responses to this thread is due to their receiver/USB plug-in - see any antennae on it? No - but the hackers/spys will have an antenna. According to the article referenced above, the signal was available about 30 feet away to an inexpensive receiver.

MS and other manufacturers need to use a better encryption routine, RSA? VPN? Anything would be better than what they use!

Your employer is correct to be concerned - industrial espionage does exist after all. Once your wireless-keyboard-transmitted login and password are taken, your company's network is probably going to be hacked. There are many ways to keylog a regular keyboard too - hardware and software, but generally someone would have to have access to your office to install them. See for example the KeyGhost Keylogger for a hardware device that goes on your keyboard cord behind your PC!

I recommend everyone concerned about information privacy join the EFF and visit their SSD project (Security Self-Defense) web site.

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.