Is Your Logitech Wireless Keyboard Spying On You
With an antenna and wireless dongle worth a few bucks, and a few lines of Python code, a hacker can passively and covertly record everything you type on your wireless keyboard from hundreds of feet away. Usernames, passwords, credit card data, your manuscript or company's balance sheet -- whatever you're working on at the time.
Is your Logitech wireless keyboard spying on you
Here's how it works: a number of wireless keyboards use proprietary and largely unsecured and untested radio protocols to connect to a computer -- unlike Bluetooth, a known wireless standard that's been tried and tested over the years. These keyboards are always transmitting, making it easy to find and listen in from afar with the right equipment. But because these keystrokes aren't encrypted, a hacker can read anything on a person's display, and directly type on a victim's computer.
This isn't the first time wireless devices have put their users at risk. Bastille was the company behind the now-infamous MouseJack flaw, which let hackers compromise a person's computer through their wireless mouse. Even as far back as 2010, it was known that some keyboards with weak encryption could be easily hacked.
Logi Bolt products are pre-paired to their Logi Bolt USB receivers in the factory, so set-up is truly a plug-and-play experience - virtually eliminating any need for Help Desk support. Plus, people can pair up to sixRequires Logi Options+ software, available for download for Windows 10 or later, macOS 10.14 or later. Logi Bolt wireless mice and keyboards to a single Logi Bolt USB receiver - saving precious USB port space and eliminating the need to move mice and keyboards between different work setups.
Though Logi Bolt products cannot be paired with other Logitech USB receivers, and vice versa, in many cases Logi Bolt products can be used simultaneously with other Logitech wireless products on the same host computer. Just keep this in mind: when possible, the best option is to plug your Logi Bolt USB receiver into a port, then power on your Logi Bolt wireless product. This ensures you get the strong signal and security that Logi Bolt offers when paired with its Logi Bolt USB receiver.
Under the California Consumer Privacy Act of 2018, as amended, including by the California Privacy Rights Act of 2020 (together, CCPA), California residents have specific rights around Logitech's collection, use, and sharing of their personal information. We do not sell your personal information, and we will not do so in the future without providing you with notice and an opportunity to opt-out. If you require this notice in an alternative format, please email email@example.com or call our toll-free number +1 800 711 8156.
You can learn more about how to submit a data rights request through contact details located within this policy. You may also send your request by email to firstname.lastname@example.org or call our toll-free number +1 800 711 8156. An agent may submit a request on your behalf, but you must provide proof that the agent is authorized to do so by providing the agent with a signed letter giving permission to submit a request on your behalf and you must confirm that authorization directly with us by sending an email to email@example.com.
Logitech Options allows you to customize your mice, keyboards, and touchpads on your computer. Logitech Capture software allows you to record video and audio on your computer and change the settings of the camera. This software also offers you the ability to back up your device settings to the cloud so you can transfer those settings to other computers and set up your devices easily.
We do not collect the data you insert while using your mice, keyboards or touchpads. A Keystroke assignment refers to when you customize your device and assign a shortcut, our apps require permission from you in order to perform the assigned shortcut.
Although any computer using a vulnerable device is potentially affected by the exploit, not all wireless keyboards and mice are affected, Newlin says. Devices that connect over Bluetooth are safe from this hack for two main reasons: They use different frequencies to connect the device to the computer, and Bluetooth verifies that the connecting device is what it says it is during an authentication process. The vulnerabilities that Newlin exposed are specific to radio frequency chips made by Nordic Semiconductor, and how those chips were designed to work by the keyboard and mouse manufacturer.
The Logitech MK550 Wireless Keyboard is an ergonomic, budget-friendly keyboard that even comes with a Logitech wireless mouse. You get the mouse and a keyboard designed with a curved layout and integrated palm rests for reduced stress, lower wrist fatigue, and better, more natural typing.
The Logitech K780 Multi-Device Wireless Keyboard was made to work easily with all your devices. Via Bluetooth connectivity, this keyboard can connect to your computer, phone and tablet. Plus, it comes with an integrated phone and tablet stand and supports a 10-meter wireless range over Bluetooth.
However, if almost every user is aware of the threat of having his Wi-Fi data hijacked, as well as that of a VPN being a secure protection tool (not against interception or metadata collection, only from decryption of intercepted data), if there is nothing to intercept between a device that is being charged and wireless charger, your wireless mouse, keyboard and computer constantly exchange information, and this information can be easily intercepted.
An attack may lead to disastrous consequences. Suppose, you are going to make an important presentation, and your mouse and keyboard suddenly stop responding. It would be extremely difficult to identify the reason for the problem and, of course, the source of the attack since an attacker might be sitting in his car in a parking lot of a shopping mall.
Make sure to check if the device you want to purchase supports encryption for data transmission. It is especially important when it comes to wireless keyboards. If you already use a wireless device, check if your model has encryption from the developer. 128-Bit AES is the most suitable encryption algorithm that offers a fast and secure performance. Here is an example of Microsoft keyboards with AES encryption.
A computer security research team has identified a weakness in several brands of low-cost wireless keyboards that could allow hackers to view and record every word, number and password typed by a user from up to about 75 metres away.
According to Bastille, an Atlanta-based research team, eight wireless keyboards made by companies such as Hewlett-Packard, Radio Shack and Toshiba send keystroke data from the board to the USB dongle that connects to your computer without the encryption needed to mask what someone is typing.
Wireless keyboards that connect to your computer with small USB dongles transmit keystrokes over a radio frequency, which Bastille was able to intercept using a radio transponder used for controlling drones that costs about $50 on Amazon, and an antenna that boosts the range to about 75 metres.
"We did not expect to see this. We didn't think it would be in clear text. Hackers can intercept all the keystrokes from your keyboard up to 250 feet away. Through glass, walls, floors," Bastille's chief research officer Ivan O'Sullivan told BBC News.
The vulnerability that allows Keysniffer to work can't be fixed with a software or firmware update, so Bastille recommends that if you have an affected keyboard, you should replace it with a secure wireless board or a wired one instead.
This isn't the first time security vulnerabilities have been identified in wireless keyboards. In 2010, cybersecurity researchers discovered that the encryption used in certain Microsoft boards was easily broken.
Currently, the Logitech Wireless keyboard K230 retails for less than $30 on Amazon and the Logitech wireless mini-mouse 187 for less than $20. So, for $50 you get two peripheral wireless devices that will seriously improve your productivity and work on your Windows 8, Windows 8.1 or any other computer you might be using. Here are my impressions.
Here's a simplistic example of how they could exfiltrate data through the victim PC. Imagine that the hidden USB device contains a data logger, and records your secrets for a day or two. (The BashBunny does not contain a keylogger; it gets its data from scanning the host system. Of course it could install a key logger, then harvest the data at a later time.) When it's time to send the data, it generates USB messages that contain keystrokes, but the user isn't typing them. By hitting R, then typing _logger_dump_page.php* it can bring up a mostly empty-looking page with a hidden input box located so far down the screen that you need scroll bars to find it. Now, imagine the rogue keyboard hitting to slide the browser window completely off the screen, hiding it from the user's view. Next, the fake keyboard starts typing all its logged keystrokes into the input box (base64 encoded, naturally), and hitting when finished. Finally, after all the secrets have left the building, it types to restore the browser, then quickly types F4 to close the tab. Even if the user noticed the windows popping up before sliding out of view, it can happen so fast the typical victim won't have the chance to figure out what's happening.
WHY WE LIKE IT: This keyboard is certainly a handy little product, wireless transmitting signal to a large variety of gadgets, including smart TVs, video game consoles, smartphones, and tablets, with a cute form factor that fits in the palm of your hand. This is a great keyboard for folks who place a high priority on portability, as it can easily be thrown in a backpack to use somewhere other than your living room.
The Fosmon Portable Lightweight Mini is a compact keyboard with Bluetooth 3.0 connectivity right out of the box, allowing you to easily control any smart TV, streaming mobile device, tablet, or phone that supports the wireless technology. It can also be charged via USB and offers a backlight, both features helping to make this a must-have for the modern living room. The product is small and light, clocking in at just 8 oz, with a wireless range of about 33 feet. It could be a contender for the leading keyboards for iPhone.