Remote removal of EMI from the PS / 2 port
A very smart version of the keylogger was implemented by the employees of the laboratory of security and cryptography at the Polytechnic Institute of Lausanne (Ecole Polytechnique Federale de Lausanne). The method they created is able to recognize key presses by remotely scanning an EMP from a PS / 2 port, USB port, or laptop keyboard, and then analyzing the signal frequency. The fact is that when you press each key, an electromagnetic pulse with unique characteristics is created. You can remove it directly from the port, and then decrypt it.
In their work, researchers mention four different scanning methods, some of which work up to 20 meters away.
')
During the experiments, Swiss experts tested 11 different models of keyboards that were connected to the system unit via USB and PS / 2 connectors. All of them were vulnerable to at least one of the remote scanning methods even when tapping through a wall from the next room (the video can be viewed from the link above, screenshots under the screen).
Here is the workplace of the "electromagnetic intelligence operator."
For high-quality removal of EMR requires a rather massive antenna. It is aimed at the wall, behind which is the "victim".
The victim's laptop is on the table three meters from the wall, turned to the wall side. The DC cable was taken out of it so that the signal would be more clear.
The authors of the study emphasize that they used relatively inexpensive equipment in their experiments. For example, this is the usual oscilloscope.
They have no doubt that the quality of remote scanning can be significantly improved. Detailed results of the study will be published in the scientific press in the near future.
via BBC
In their work, researchers mention four different scanning methods, some of which work up to 20 meters away.
')
During the experiments, Swiss experts tested 11 different models of keyboards that were connected to the system unit via USB and PS / 2 connectors. All of them were vulnerable to at least one of the remote scanning methods even when tapping through a wall from the next room (the video can be viewed from the link above, screenshots under the screen).
Here is the workplace of the "electromagnetic intelligence operator."
For high-quality removal of EMR requires a rather massive antenna. It is aimed at the wall, behind which is the "victim".
The victim's laptop is on the table three meters from the wall, turned to the wall side. The DC cable was taken out of it so that the signal would be more clear.
The authors of the study emphasize that they used relatively inexpensive equipment in their experiments. For example, this is the usual oscilloscope.
They have no doubt that the quality of remote scanning can be significantly improved. Detailed results of the study will be published in the scientific press in the near future.
via BBC
Source: https://habr.com/ru/post/43127/
All Articles