Researchers at security firm Bastille warn that many wireless keyboards can be very easily intercepted so hackers can see exactly what is being typed. With a very simple dongle called Keysniffer, it is possible to snoop on usernames, passwords and anything else that is being typed from up to 250 feet away.
In all, Bastille found that eight manufacturers produce keyboards - meaning there are millions in use - which use unencrypted radio communication to transmit easily captured clear text. The problem affects non-Bluetooth devices from the likes of Anker, Hewlett-Packard, Kensington and Toshiba.
The list of problematic, insecure keyboards has been published on the Bastille website, but the company warns that it should not be considered complete. "Please note: we have tested the above products, but this should not be considered an exhaustive list of all vulnerable keyboards. There may be other brands/models that are vulnerable to this, or other attacks".
While the problem is well known and not new, Bastille says that the companies have done nothing to either rectify the issue, or to warn users about it. The researchers explain:
The solution? Switch to a wired keyboard, or upgrade to a decent Bluetooth keyboard that offers some level of security. Upgrading is important as in many cases there is no fix due to the impracticality, or impossibility, of updating keyboard firmware.