RE: Wireless Keyboard Security

I do not know enough to adequately speak of the subject so I won't. I will, however, put forth the topic of Bluetooth enabled peripherals, which I believe, do incorporate reasonable encryption. Thoughts?

-----Original Message-----
From: Pedro Venda [mailto:pjvenda_at_arrakis.dhis.org]
Sent: Wednesday, March 23, 2005 1:16 PM
To: security-basics_at_securityfocus.com
Cc: Alvin Oga; Badger, Jared
Subject: Re: Wireless Keyboard Security

On Wednesday 23 March 2005 05:25, Alvin Oga wrote:
> hi ya jared
>
> On Tue, Mar 22, 2005 at 04:13:16PM -0700, Badger, Jared wrote:
> > My job involves reviewing computer security at a bank, and I was very
> > surprised to see that nearly all of the computers at one of my branches
> > are using these wireless mouse/keyboard combos. It seems like this could
> > be a potentially serious security risk,
>
> yup .. big problem

I agree. This is a serious issue, and I don't think current hardware is
encrypting data. hardware sniffers can now be wireless too :-)

The wireless peripherals are now hype (not in the sense that they won't be
used further, but in the sense that everyone has one). with wireless
ethernet, there were security concerns (not efficiently solved) from day 1,
but most people overlook this issue on other peripherals, which I consider
very serious.

It'd be expensive for manufacturers to start producing peripherals with decent
encryption/decryption hardware, so I don't predict short/medium term changes.
After all, mose people (even on banks !!!) don't see this issue, so why would
the masses pay more for something not obviously necessary?

regards,
pedro venda.

-- 
Pedro Joćo Lopes Venda
email: pjvenda < at > arrakis.dhis.org
http://arrakis.dhis.org