The security researchers have developed four attacks that work on a wide variety of computer keyboards.

As a result, doctoral students Martin Vuagnoux and Sylvain Pasini from the Security and Cryptography Laboratory at the Swiss Ecole Polytechnique Federale de Lausanne (EPFL) have declared that keyboards are "not safe to transmit sensitive information".

Overall, the EPFL students analyzed 11 different types of keyboards connected to a computer via either a USB or a PS/2 socket. The attacks they developed also worked with keyboards embedded in laptops.

Researchers used a radio antenna to "fully or partially recover keystrokes" by eavesdropping on the electromagnetic radiation emitted when keys were pressed.

They applied each of the four attacks on every keyboard and found that each one was vulnerable to at least one of the attacks.

"No doubt that our attacks can be significantly improved, since we used relatively unexpensive equipments [sic]."

One attack was shown to work over a distance of 20 meters.

In videos showing their early work the researchers are seen connecting keyboards to a laptop running on battery power. They avoided using a desktop computer or an LCD display to minimize the chance of picking up signals from other sources.

In one of the videos, researchers typed the phrase “trust no one”, and shortly thereafter they picked up each keystroke through eavesdropping.

The research builds on earlier work done by University of Cambridge computer scientist Markus Kuhn who looked at ways to use electromagnetic emanations to eavesdrop and steal useful information.

Source:redorbit.