I aways wondered if the communication channel between my wireless keyboard and the usb receiver-antena is secure. I never bother to reseach this. Today I figured out the practical way. I turned on my pc at work and I tried to type the first letter of my password. Nothing hapened. Then I started spamming that letter. Still nothing, until the person next to me said “my keyboard is typing all by itself”. It turns out she has a wireless mouse with a seemigly identical receiver-antena usb.

The moral of the story. If it was so easy to almost leak my password unintentionally due to this flaw of wireless keyboard communication, imagine wad a bad actor can do intentionally. Why try to brute force, social engineer e.t.c. when your password can be stollen in transit from your keyboard to your pc.

  • @RovingFox@infosec.pub
    link
    fedilink
    61 year ago

    All my passwords are random characters and I just copy/paste out of bitwarden. Can’t leak that with a wireless keyboard.

    • @library_napper
      link
      11 year ago

      So what you’re saying is that the password to get all your passwords from the cloud is typed onto a wireless keyboard?