'Snooping through the power socket' diff viewer (1/2)

This article is from the source 'bbc' and was first published or seen on July 13, 2009 13:32 (UTC). It will not be checked again for changes.

You can find the current article at its original source at http://news.bbc.co.uk/go/rss/-/1/hi/technology/8147534.stm

The article has changed 5 times. There is an RSS feed of changes available.

Previous version 1 2 3 4 Next version

Previous version 1 2 3 4 Next version

Version 1	Version 2
Snooping through the power socket	Snooping through the power socket
2009-07-13 13:51:36 UTC	2009-07-13 15:02:51 UTC (about 1 hour later)
Power sockets can be used to eavesdrop on what people type on a computer.	Power sockets can be used to eavesdrop on what people type on a computer.
Security researchers found that poor shielding on some keyboard cables means useful data can be leaked about each character typed.	Security researchers found that poor shielding on some keyboard cables means useful data can be leaked about each character typed.
By analysing the information leaking onto power circuits, the researchers could see what a target was typing.	By analysing the information leaking onto power circuits, the researchers could see what a target was typing.
The attack has been demonstrated to work at a distance of up to 15m, but refinement may mean it could work over much longer distances.	The attack has been demonstrated to work at a distance of up to 15m, but refinement may mean it could work over much longer distances.
Hotel attack	Hotel attack
"Our goal is to show that information leaks in the most unexpected ways and can be retrieved," wrote Andrea Barisani and Daniele Bianco, of security firm Inverse Path, in a paper describing their work.	"Our goal is to show that information leaks in the most unexpected ways and can be retrieved," wrote Andrea Barisani and Daniele Bianco, of security firm Inverse Path, in a paper describing their work.
The research focussed on the cables used to connect PS/2 keyboards to desktop PCs.	The research focussed on the cables used to connect PS/2 keyboards to desktop PCs.
Usefully, said the pair, the six wires inside a PS/2 cable are typically "close to each other and poorly shielded". This means that information travelling along the data wire, when a key is pressed, leaks onto the ~~ground~~ wire in the same cable.	Usefully, said the pair, the six wires inside a PS/2 cable are typically "close to each other and poorly shielded". This means that information travelling along the data wire, when a key is pressed, leaks onto the earth (ground in the US) wire in the same cable.
~~The ~~ground~~ wire, via the PC's power unit, ultimately connects to the plug in the power socket, and from there leaks out onto the circuit supplying electricity to a room.~~	The earth wire, via the PC's power unit, ultimately connects to the plug in the power socket, and from there information leaks out onto the circuit supplying electricity to a room.
Even better, said the researchers, data travels along PS/2 cables one bit at a time and uses a clock speed far lower than any other PC component. Both these qualities make it easy to pick out voltage changes caused by key presses.	Even better, said the researchers, data travels along PS/2 cables one bit at a time and uses a clock speed far lower than any other PC component. Both these qualities make it easy to pick out voltage changes caused by key presses.
A digital oscilloscope was used to gather data about voltage changes on a power line and filters were used to remove those caused by anything other than the keyboard.	A digital oscilloscope was used to gather data about voltage changes on a power line and filters were used to remove those caused by anything other than the keyboard.
"The PS/2 signal square wave is preserved with good quality... and can be decoded back to the original keystroke information," wrote the pair in a paper describing their work.	"The PS/2 signal square wave is preserved with good quality... and can be decoded back to the original keystroke information," wrote the pair in a paper describing their work.
They demonstrated it working over distances of 1, 5, 10 and 15m from a target, far enough to suggest it could work in a hotel or office.	They demonstrated it working over distances of 1, 5, 10 and 15m from a target, far enough to suggest it could work in a hotel or office.
"The test performed in the laboratory represent a worst case scenario for this type of measurement, which along with acceptable results emphasizes the feasibility of the attack on normal conditions," they added.	"The test performed in the laboratory represent a worst case scenario for this type of measurement, which along with acceptable results emphasizes the feasibility of the attack on normal conditions," they added.
The pair said their research was "work in progress" and expect the equipment to get more sensitive as it is refined.	The pair said their research was "work in progress" and expect the equipment to get more sensitive as it is refined.
The attack is due to be demonstrated at the Black Hat conference that takes place in Las Vegas from 25-30 July.	The attack is due to be demonstrated at the Black Hat conference that takes place in Las Vegas from 25-30 July.