back to article Hackers pop top 'secure' wireless keyboard and mouse kits, gain RCE

Wireless keyboard and mouse manufacturers including Microsoft, Fujitsu, and Logitech have been forced to fix borked encryption in peripherals that allow physical attackers to hijack computers. Researchers and phDs Gerhard Klostermeier and Matthias Deeg with Germany-based security firm SySS tested five devices badged as secure …

  1. Mage Silver badge
    Devil

    Even after it's fixed...

    You buy some, do them up nice, add some software or a chip and ship it to your targets as free samples/presents/beta test etc. (It's been done and works better than "losing" USB sticks in the target's car park, though that works too)

    Beware Geeks carrying Gifts this Christmas.

  2. Grikath
    Facepalm

    Alternatively....

    If you want *security* you use "oldfashioned" wired peripherals..

    But that would be too easy now , wouldn't it...

    1. Mage Silver badge

      Re: Alternatively....

      USB HID is such a broken thing security wise, maybe the USB mouse / keyboard is malicious. I'm not sure if a PS/2 mouse is safe.

      A PS/2 keyboard could have a keylogger and intermittent mobile modem to report home built in?

      I just can't see any advantage to a wireless keyboard or mouse anyway, liable to run out of battery at awkward time, the stupid keyboards sleep and miss your first few keystrokes, and wired is instant after PC / Tablet sleep, the BT types are slow to re-connect. If 2.4GHz and your WiFi is 2.4GHz and weak, it may make it weaker.

      A USB mouse is £1 to £10 for a perfectly good one.

      1. Anonymous Coward
        Anonymous Coward

        Re: Alternatively....

        RS-232 is safe. :-)

      2. Jeffrey Nonken

        Re: Alternatively....

        "I just can't see any advantage to a wireless keyboard or mouse anyway"

        I prefer them. Especially the mouse, no cable to drag. Takes less space in my backpack. *shrug* That's just me.

        "liable to run out of battery at awkward time"

        It is a drawback.

        "the stupid keyboards sleep and miss your first few keystrokes"

        Huh. Haven't noticed that.

  3. Anonymous Coward
    Anonymous Coward

    Dumb Q : How is this different to MOUSEJACKing?

    1. Anonymous Coward
      Anonymous Coward

      Different keystroke injection vulnerabilities

      In MouseJack attacks, you send unencrypted data packets to the USB dongle (receiver) even if the targeted wireless keyboard itself only sends encrypted data packets, and you get keystroke injection because the USB dongle accepts and interprets the unencrypted data packets as well (MouseJack keyboard spoofing vulnerability) and sends corresponding USB HID data (keystrokes) to the connected computer system.

      The keystroke injection vulnerability shown here is not based on accepting unencrypted data packets but on cryptographic issues concerning AES counter mode used in different wireless desktop sets, like the targeted ones from Cherry, Logitech, and Perixx.

  4. John Smith 19 Gold badge
    FAIL

    OMFG Wireless peripherals using proprietary protocols are insecure.

    Who knew?

    Aside of course from anyone who'd thought about it for a few minutes.

    1. Trigonoceps occipitalis Silver badge

      Re: OMFG Wireless peripherals using proprietary protocols are insecure.

      Yes, but first you have to work out the protocol. That'll stop you!

      1. John Smith 19 Gold badge
        Unhappy

        "Yes, but first you have to work out the protocol. That'll stop you!"

        Because security by obscurity has worked so well every other time it's been used before.

        Who wouldn't use it?

  5. A K Stiles
    Joke

    Wait, what?

    You mean this wireless keyboard and mouse attempt to use some sort of encryption / security? I'd just assumed they were plain text from the start!

    1. Robert Moore
      Coat

      Re: Wait, what?

      You mean this wireless keyboard and mouse attempt to use some sort of encryption / security? I'd just assumed they were plain text from the start!

      Rot13. The really secure ones use double rot13.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021