Full Disclosure mailing list archives
Re: Does the following...
From: James Tucker <jftucker () gmail com>
Date: Sat, 11 Sep 2004 15:46:21 +0100
Just a couple of comments which are important for people to know. <snip>
- RF keyboards don't exist. Nobody's *that* unconcerned about security.
What do you think TV broadcasts (plain), radio (plain), GSM (heavy encryption scheme), bluetooth (reasonable encryption scheme), paknet (no encryption, but the modulation scheme is at this time uncrackable by any individual), wifi (don't even get us all started) are? ALL Radio Frequency communications.
- Bluetooth keyboards require a pairing process to work, so that's not too likely.
Bluetooth does have a higher degree of security than most other, "plain text" if you like, peripheral RF schemes. As I am sure you are all aware wifi is not exactly hard to crack the modulation scheme or the WEP keys.
In case you don't know, "typical" RF cordless keyboards and mice have been recorded to have effective ranges to around 150m (way beyond what the manufacturer's specs say): http://www.aftenposten.no/english/local/article427668.ece http://www.securityfocus.com/archive/100/374785
Amusing articles, but there are lessons to be learned here. 1) RF ranges are based upon the environments the transmitters and receivers are in. 2) RF can be boosted (both ends effective) by adding GAIN to ONE END ONLY. (Yes that means the coke can with a little wire out of one end hanging out of the next door neighbors kids window is in fact a wireless tapping antenna (joke, but this is not by any means impossible)) 3) "plain" RF on its own provides no security against someone who knows, evaluation of modulation schemes and data protocols is essential.
Agreed -- these were stabs-in-the-dark by folk who forgot to understand the problem description before responding...
Are the wireless device and speech recognition ideas really that much more "likely", they are all "ideas" and are all possible in some way or another. If anyone wants to learn more about RF, consider some introductory courses from places such as Proxim. RF is not IP, the rules are _VERY_ different. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Does the following..., (continued)
- Re: Does the following... Mister Coffee (Sep 10)
- Re: Does the following... nobody (Sep 10)
- Re: Does the following... Nick FitzGerald (Sep 10)
- RE: Does the following... Esler, Joel - Contractor (Sep 10)
- RE: Does the following... Chmielarski TOM-ATC090 (Sep 10)
- Re: Does the following... Andrew Farmer (Sep 10)
- Re: Does the following... Valdis . Kletnieks (Sep 10)
- Re: Does the following... Andrew Farmer (Sep 10)
- Re: Does the following... Mister Coffee (Sep 11)
- Re: Does the following... Nick FitzGerald (Sep 11)
- Re: Does the following... James Tucker (Sep 11)
- Re: Does the following... Nick FitzGerald (Sep 11)
- Re: Does the following... James Tucker (Sep 11)
- Re: Does the following... Andrew Farmer (Sep 10)