Benson's Avatar
Posts: 4,930 | Thanked: 2,272 times | Joined on Oct 2007
#11
Originally Posted by Lord Raiden View Post
I for one call BS on this. Of course, anyone who's anybody knows that physical access equals root. So these aren't "hacks" by the proper definition, but rather good old-fashioned wire taps and physical keylogging.
They can do it with no physical access to the box, or to any communications cables; just a tap on the same power line up to 15m away. How's that BS?

While it technically is tapping a wire, it's much more analogous to the old CRT (or as sjgadsby pointed out, modem-light) snooping.
 
Lord Raiden's Avatar
Posts: 1,562 | Thanked: 349 times | Joined on Jun 2008
#12
Well, even if it's theoretically 15 meters away, I still call shenanigans. There's no way you can track what someone's typing by monitoring electrical signals over mains power. The signals going to the computer are not THAT unique. And besides, if they're looking for the tiny spikes caused by typing, secondary activity on the computer would immediately render that null and void as it'd put extra noise on the line. Assuming such a thing was even possible in the first place.
__________________
Popular Sci-Fi author and creator of the Earthfleet Series.
www.realmsofimagination.net
 
deeteroderdas's Avatar
Posts: 274 | Thanked: 62 times | Joined on Jul 2007 @ Helotes, TX
#13
Originally Posted by Benson View Post
Not if it's a PS/2 mouse!
Why? <extra chars for the board>
__________________
Mitch Thompson, Helotes, TX USA
N800|2x 16GB SDHC|PDAir case|i737 BT GPS

"There are two major products that come out of Berkeley: LSD and BSD. We don't believe this to be a coincidence. " - Jeremy S. Anderson
 
Posts: 269 | Thanked: 93 times | Joined on Feb 2008
#14
Wouldn't it be way easier to kidnap the person who's typing, beat him/her senselessly till he/she is almost dead and then get all the information we want nicely written on paper while drinking a cup of coffee?

Ah, technology, always forgetting to put the heart in mobster business...

I second what Lord Raiden said, the depicted scenario would maybe work if the PC is the only thing connected to a wall plug, the cables are in perfect shape with superior insulation from EMI and the "listener" has Sci-fi technology taken from the alien ship that fell in Roswell some time ago...
 
Posts: 3,319 | Thanked: 5,610 times | Joined on Aug 2008 @ Finland
#15
The link you want is probably:
http://lasecwww.epfl.ch/keyboard/

This is not exactly news... In different forms this has been known to be possible with various equipment for decades, see http://en.wikipedia.org/wiki/TEMPEST#Public_research for some further info.

It's not as SF and Alien tech as you might think (yes, I'm actually an EE).
 
Benson's Avatar
Posts: 4,930 | Thanked: 2,272 times | Joined on Oct 2007
#16
Originally Posted by deeteroderdas View Post
Why? <extra chars for the board>
Because they demonstrated snooping characters over an AT / PS/2 serial link; switching to a different link of the same type isn't going to be the fix.

For those claiming this is "theoretical", I'm aware general-news outlets reporting on papers often get things wrong, but the BBC piece does quote the paper as saying the tests verifying success were performed for a "worst case scenario". Now maybe that was the shorter-range tests, and the 15m wasn't worst-case; maybe I'd disagree with them on what constitutes realistic worst-case conditions; but if they've got a POC working at 15m under any realistic conditions at all, it should be quite feasible for a dedicated solution to be successful enough to be useful.

One problem I do see, on thinking more about it, is with laptops; since laptop PSUs generally don't have a ground link, they're likely to be practically immune to this approach, between the reduced coupling to the hot and neutral lines, and noise from switching PSUs. But as attila77 pointed out, keyboard sniffing is possible from RF emissions with the laptop completely disconnected.

As to whether it's more practical than other options, you're right, for many scenarios rubber-hose cryptanalysis is easier than any password sniffing, and there's many scenarios where other sniffing techniques would be easier/cheaper. But there are a couple benefits: sniffing in general is non-intrusive, so you don't just get information now, you get a login for an indefinite period. And this particular technique would be useful for cases where the target machine is offline (e.g. sniffing local passwords for later remote-login attempts) or on an uninterceptable network, but still plugged into an accessible power circuit.

While the power-line sniffing does potentially suffer more interference than RF snooping with a highly directional antenna, it has the potential to be very unobtrusive; it could allow long-term unattended snooping in computer labs and net cafes where . (I, at least, always ok, usually check cables for hardware keyloggers when I use a publicly accessible machine, but I don't check for mysterious boxes plugged into powerstrips.)
 
deeteroderdas's Avatar
Posts: 274 | Thanked: 62 times | Joined on Jul 2007 @ Helotes, TX
#17
Originally Posted by Benson View Post
Because they demonstrated snooping characters over an AT / PS/2 serial link; switching to a different link of the same type isn't going to be the fix.

Sorry, still don't get it. If I install an On Screen Keyboard, and click the characters with a mouse, AT or PS/2, how are those characters getting transmitted across the serial link?
__________________
Mitch Thompson, Helotes, TX USA
N800|2x 16GB SDHC|PDAir case|i737 BT GPS

"There are two major products that come out of Berkeley: LSD and BSD. We don't believe this to be a coincidence. " - Jeremy S. Anderson
 
Posts: 269 | Thanked: 93 times | Joined on Feb 2008
#18
Originally Posted by attila77 View Post
The link you want is probably:
http://lasecwww.epfl.ch/keyboard/

This is not exactly news... In different forms this has been known to be possible with various equipment for decades, see http://en.wikipedia.org/wiki/TEMPEST#Public_research for some further info.

It's not as SF and Alien tech as you might think (yes, I'm actually an EE).
And this other EE here thanks you for the valuable information you linked
I was joking about SF and alien technology, but I still don't consider this a threat compared to other ways of stealing information...
 
Posts: 3,319 | Thanked: 5,610 times | Joined on Aug 2008 @ Finland
#19
Originally Posted by JustNick View Post
And this other EE here thanks you for the valuable information you linked
We oughta make a club

I was joking about SF and alien technology, but I still don't consider this a threat compared to other ways of stealing information...
Of course, often people embark on discussing (and even working on) sophisticated security procedures while leaving open very simple (e.g. human) concerns - and a hacker/cracker will always attack at the weakest point known/exploitable to him. TEMPEST style data acquisition is interesting because it is virtually undetectable. Mobster and other head-on techniques are simpler, but are more like quantum physics, can't actively find out stuff without actually interfering with the processes and particles involved. That, in turn, might actually be a part of procedures (e.g. what to do if forced to give out credentials, how to detect moles and information leaks, etc).
 
Posts: 269 | Thanked: 93 times | Joined on Feb 2008
#20
Originally Posted by attila77 View Post
We oughta make a club
Could be a good idea

Originally Posted by attila77 View Post
TEMPEST style data acquisition is interesting because it is virtually undetectable.
Virtually and probably practically; the biggest issue though is that nowadays it's easy to find many machines in small areas, so it could be very hard if not impossible to find a relation between the leaked information and a possible target... at least it would take a long time...


Originally Posted by attila77 View Post
Mobster and other head on techniques...
That was a joke too
 