Together with my colleague Matthias Deeg I’ve done some research on several modern wireless desktop sets. All of the manufacturers claim they are secure because they encrypt data using AES 128. All keyboards and mice use a proprietary communication protocol (not Bluetooth), therefore we were interested in if they are really secure. The result of the analysis was presented at several IT security conferences including Ruxcon in Melbourne, Hacktivity in Budapest, ZERONIGHTS in Moscow, DeepSec in Vienna and hack.lu in Luxembourg.
Update #1: Turns out other wireless desktop input devices (e.g. presenters) are vulnerable to.
Update #2: The paper is now available.
- Paper (PDF / 1.4MB)
- Video recording from DeepSec
- Slides from DeepSec (PDF / 8.3MB)
- Video recording from Hacktivity
- Slides from Hacktivity (PDF / 7.7MB)
- Article on syss.de (German only, with links to security advisories)
- Article on theregister.co.uk
- Article on lifehacker.com.au
- Article about presenters on syss.de (German only, with links to security advisories)
- Article about mice on syss.de (German only, with links to security advisories and PoC video)
- Article on about wireless mice heise.de (German only)