Researchers have claimed that cyber criminals can monitor your keyboard strokes simply by measuring the amount of power that leaks from your computer’s power supply.
Experts from the security firm Inverse Path claim that power that is “leaked” from poorly shielded cables can offer vital clues as to what a PC user is typing to hackers further than 15 metres away, prompting fears of an increase in internal computer security breaches.
As part of the research, experts used an oscilloscope to measure fluctuations in voltage that occur when data is sent from keyboard to a PC. This data travels down poorly insulated PS/2 cables where they become earthed at the PC base unit. Data is then leaked at this point into the mains supply which can be picked up by simple monitoring equipment.
“Our goal is to show that information leaks in the most unexpected ways and can be retrieved,” wrote Andrea Barisani and Daniele Bianco, of the security firm, in a paper describing their work, as reported by the BBC.
The report claimed that the data picked up by the equipment was of a good enough quality to determine what key was pushed, with each keystroke having its own unique characteristic.
“The PS/2 signal square wave is preserved with good quality… and can be decoded back to the original keystroke information,” wrote the pair in a paper describing their work.
They demonstrated it working over distances of 1, 5, 10 and 15m from a target, far enough to suggest it could work in a hotel, office and even high-density residential areas.
“The test performed in the laboratory represent a worst case scenario for this type of measurement, which along with acceptable results emphasizes the feasibility of the attack on normal conditions,” they added.
