www.my10sen.com

Security firm Dreamlab Technologies claims that it has cracked the encryption used by Microsoft’s wireless keyboards and its base station. As a result, Dreamlab can now sniff all keystrokes sent from Microsoft’s keyboards that communicate with each other on the 27 MHz band.


According to heise Security, the decryption was very easy because the devices use a simple XOR mechanism for encryption and the keys are only one byte long. They claim that even a PDA with a slow ARM-CPU would have derived the combination quickly. Aside from not using such keyboards, there is no workaround. Microsoft has yet to react to the Swiss firm’s announcement.

By using just a simple radio receiver, a sound card, and suitable software, Dreamlab Technologies was able to tap and decode the radio frequencies transmitted between the keyboard and PC/notebook computer. Keyboards that use Bluetooth for communication are not affected by this flaw.

The eavesdropping was done at a distance of 10m using standard equipment, which isn’t so bad. The concern is that with appropriate technical equipment, larger distances are possible.