keyboard sniffing video question

[nils at hemmann.de (Nils)]

At the first video they run:  ~/keyboard.eavesdropper/decode  and no
parameter on how long or for how many key strokes it will run.
Then the output states: A total of 12 traces were acquired.
I assume it is hard coded in the program.

The second video shows the following program:
~/keystroke.recovery/decode8char
It looks like an 8 after decode which could indicate that they are after 8
key strokes.
Then the output states: A total of 8 traces were acquired.

I remember me at the age of 12 sniffing my parents phone line with an
electronic construction kit for children using some wires as an antenna.
That was 23 year ago.
So I believe that thing here is working!

Cheers, Nils



> 2008/11/26 Larry Pesce <larry at pauldotcom.com>:
> > Ahh, I get it.
> > as in, how did the monitoring know when to stop?  They could have typed
> > forever, and you are saying ot would have likely stoped after 8 or 12
> > characters.  What was the terminator to stop the listening.
> > Certainly an opportunity for shenanigans.
>
> Thats it. If you look at the command line there is no length parameter
> and it can't be working off the enter key or anything like that as it
> has to go into processing mode to work out what the keys are.
>
> But, if it is a scam it is a very elaborate one and they will get
> massively slammed if it turns out to be BS so I can't see why they
> would make it up.
>
> > - L
> > On Nov 26, 2008, at 10:20 AM, Robin Wood wrote:
> >
> > I was actually meaning the opposite, they typed in 12 characters and
> > their system recognised exactly 12 characters before it left listening
> > mode and started processing, the second one it stopped listening after
> > 8 characters. With interference it would have to be very precise to
> > know that it had hit exactly the right amount of characters it was
> > expecting and it looks like it can only listen or process, not both at
> > the same time. This may just be because it is a prototype  but
> > something just didn't quite ring true about it.
> > Robin
> > 2008/11/26 Paul Asadoorian <paul at pauldotcom.com>:
> >
> > It seems to me that there is a potential for a lot of interference with
> > this experiment that would make it behave differently in real life.
> > Could this account for the extra characters?  Possibly...  Anyone else
> > have any thoughts on this one?
> > Robin Wood wrote:
> >
> > I've just watched a couple of videos on the keyboard sniffing and
> > looking at the software it was wondering how it knew when to start
> > decoding. The screen showed a list of collecting key messages then
> > decoding messages. The first video was 8 characters (password) the
> > second 12. It could have been hardcoded for the demo but it seems a
> > little odd.
> > I'd like to believe it is true but this just makes me question it a
> > little
> > bit.
> > Robin
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
> >
> > --
> > Paul Asadoorian
> > PaulDotCom Enterprises
> > Web: http://pauldotcom.com
> > Phone: 401.829.9552
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
> >
> > - L
> > Larry "haxorthematrix" Pesce
> > Email:   larry /at/ pauldotcom.com
> > Web:     http://pauldotcom.com
> > IRC:      #pauldotcom | irc.freenode.net
> >
> >
> >
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com