KeySweeper, Sniff Passwords from Wireless Keyboard

By Xah Lee. Date: . Last updated: .

KeySweeper is a wireless device that looks like a USB charger, and can listen to any Microsoft wireless keyboard nearby and steal any character typed by user. Including passwords.

It does not effect Microsoft Sculpt Ergonomic Keyboard though.

KeySweeper - covert Microsoft wireless keyboard sniffer using Arduino and nRF24L01+

A hack very well explained, by Samy Kamkar.

see the guy's homepage http://samy.pl/keysweeper/

See also: List of Keylogging Software.


Microsoft Sculpt Ergonomic keyboard safe?

Yes. The Microsoft Sculpt Ergonomic keyboard is Safe from KeySweeper.


Microsoft Sculpt Ergonomic

the keyboard uses AES encryption.

[is the Microsoft Sculpt Ergonomic keyboard safe from KeySweeper?]

Great question. I have read up a little bit more and here are some relevant links:

From https://publicintelligence.net/fbi-keysweeper/ (A bulletin from FBI about Keysweeper): “A keyboard using AES encryption makes it more difficult to read keystrokes as there are currently no known practical attacks to read AES encrypted data.”

From https://www.microsoft.com/accessories/en-us/products/keyboards/sculpt-ergonomic-desktop/l5v-00001#specsColumns-testCarousel (Sculpt Keyboard specification page) : "This keyboard features Advanced Encryption Standard (AES*) technology"

And what you actually asked, the link to the claim by Microsoft. I could not find the original statement, but it's included in multiple articles on Keysweeper, so here's one; from

http://arstechnica.com/security/2015/01/meet-keysweeper-the-10-usb-charger-that-steals-ms-keyboard-strokes/

: “Update: Microsoft has issued the following statement: Keyboards from multiple manufacturers are affected by this device. Where Microsoft keyboards are concerned, customers using our Bluetooth-enabled keyboards are protected from this type of attack. In addition, users of our 2.4GHz wireless keyboard designs from July 2011 onwards are also protected because these keyboards use Advance Encryption Standard (AES) technology.”

[from Johannes Dahl.]