A worrying number of wireless keyboards from major companies can be hacked to grab passwords and other info from you.
Keyboards from companies like Hewlett-Packard, Toshiba, Kensington and GE are vulnerable and there could be many others not tested.
The broad problem is that the wireless connection is ‘in the clear’ or unencrypted so anyone who can snoop at the right frequency can ‘see’ which keystrokes are being sent to the computer.
Bluetooth keyboards are NOT affected because Bluetooth includes encryption by default.
One company, Anker, didn’t just say they were concerned about the issue. They took steps to help their customers. They stopped sales of the affected keyboards and are offering an exchange for their Bluetooth model (if the keyboard is still under warranty).
Kensington have released a firmware update but it’s not clear if that can be applied to existing devices. GE delegated the whole problem to the company who makes the keyboards.
The other companies haven’t responded at all. See the list here.
If you’re buying a wireless keyboard make sure the connection is encrypted or Bluetooth. We prefer the Bluetooth option because it’s a widely supported standard for a wide range of devices. Wireless mice aren’t as much of a concern because the info transmitted doesn’t make much sense on it’s own. Even so, it’s best if that’s also encrypted so look for a Bluetooth mouse.
http://www.keysniffer.net/ has all the details on this problem.
