Millions of Popular Wireless Keyboards Vulnerable To Latest ‘Keysniffer’ Hack
Well, Bastille is back, this time with 'KeySniffer', another vulnerability (or set of vulnerabilities) that has apparently also deserved its own logo.
While it'd be easy to jump to conclusions that Bluetooth is probably at fault here, that's not the case. Instead, non-Bluetooth keyboards from eight different vendors are affected, with Bastille claiming that interception could happen from "several hundred feet away".
Bastille has a list of affected products (seen at the URL below this post), with vendors including Anker, EagleTec, General Electric, Hewlett-Packard, Insignia, Kensington, Radio Shack, and Toshiba. To date, three of these companies have responded to the issue, and have promised to either fix the issue or offer refunds.
Bastille notes that its list of affected products is not considered exhaustive, so there could very well be models from the same vendor, or other vendors, that are vulnerable just the same. If your wireless keyboard promises encryption, and uses Bluetooth, you should be able to feel pretty safe. According to Bastille, absolutely none of these affected keyboards use any sort of encryption, which is an appalling design in this day and age.