As was abundantly clear at CES 2015, one of the big trends in tech is the fear - justified and/or paranoid - that someone is watching you.
Well if they have £6, a spare Adruino and decent proximity to your wireless keyboard, they can.
This new gadget - a project by a security researcher, rather than a commercial product - is an amazingly simple, and thus horrifyingly obvious device which is able to silently pick up signals from RF keyboards - and log every button press you make.
Samy Kamkar built the 'KeySweeper' to demonstrate how easy it is to intercept signals from Microsoft wireless keyboards. It looks just like a USB charger and sends back the data to a hacker nearby.
The device is also able to watch for certain combinations of letters and numbers - say something tH4t L00k5 liK3 @ pa55w0rd and send a text message to the hacker with the information.
In theory it would be relatively simple for a hacker to use this device to capture passwords or other information. In practicality, it's hard to know just how this would work - if someone has access to your personal space for long enough to install this, you may have bigger problems. You can also just use a Bluetooth keyboard, which isn't affected.
I've released http://t.co/OLldCUqn7i, a camouflaged USB charger+Arduino to sniff Microsoft wireless keyboards. SMSs & logs keystrokes online— Samy Kamkar (@samykamkar) January 12, 2015
A Microsoft spokesperson told the Telegraph: “Keyboards from multiple manufacturers are affected by this device. Where Microsoft keyboards are concerned, customers using our Bluetooth-enabled keyboards are protected from this type of attack. In addition, users of our 2.4GHz wireless keyboard designs from July 2011 onwards are also protected because these keyboards use Advance Encryption Standard (AES) technology.”
Still it's an intriguing illustration into the reality of online security: the big flaws in the system are usually really, really simple. And obvious. In retrospect.Suggest a correction