How can we get around key tracking?

02 September 2012



How can we get around key tracking?


Steven - It really depends on the model of the keyboard. Bluetooth keyboards and mice are reasonably secure, not perfect. Other ones often aren't, but you can still pick up some information, and in fact, research has shown that even though if you can just see the timing of when someone places in a key, you can work out what they're pressing because it takes longer to move from one side of the keyboard to the next, than just moving from one finger to the next.

Chris - Because Ross, one of the things I noticed when logging in to a bank I bank with today is that people are not asking me to type physical keys on the keyboard anymore but showing me graphics on screen and asking me to click the number 1 or 2, or 3 on the computer screen because presumably, software can understand numbers and the codes for keys, but it doesn't understand a picture.

Ross - Well, this is something that was tried out by Brazilian banks and the hackers couldn't find a way around it because if you put malware in your PC, then when this was tried in Brazil, what it will simply do is capture a little image around where you clicked and that gave them enough money to reconstitute the password. So nice try, but it's been tried before and it will predictably fail.


Add a comment