This is some cool research done by Dreamlab to “hack” the latest Microsoft 27 MHz wireless keyboards. It looks like the hardest part was reverse engineering the proprietary protocol. After that, the encryption was trivial, and the key was even passed in the clear.
There are more technical details in the PDF paper, such as this gem:
The one byte USB Hid code is encrypted using a simple XOR mechanism with a single byte of random data generated during the association procedure.
That’s a pathetic attempt at security, really. Maybe Microsoft were hoping that no one would try hacking a keyboard, or that the new protocol would save them, but they should know better by now.
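To make the weakness concrete, here is a small added example (mine, not code from the Dreamlab paper) of what a fixed one-byte XOR does to HID key codes. The key value, the sample text and all function names are constructed for illustration.

```python
"""Why one fixed XOR byte gives no confidentiality for HID key codes.
Added illustration: key, sample text and names are constructed."""

def hid_codes(text):
    # USB HID keyboard usage IDs: 'a' is 0x04 ... 'z' is 0x1D.
    return bytes(0x04 + ord(c) - ord("a") for c in text)

def xor_stream(data, key):
    """The scheme as quoted: every key code XORed with the same byte."""
    return bytes(b ^ key for b in data)

def pairwise_xor(data):
    """XOR of neighbouring bytes; the fixed key cancels out of this value."""
    return bytes(a ^ b for a, b in zip(data, data[1:]))

def plausible_keys(ciphertext, lo=0x04, hi=0x38):
    """Keys, out of only 256, that decode every byte to a common key code
    (0x04-0x38 covers letters, digits and basic punctuation)."""
    return [k for k in range(256)
            if all(lo <= (c ^ k) <= hi for c in ciphertext)]

SAMPLE_KEY = 0x5A                      # constructed stand-in for the random byte
PLAINTEXT = hid_codes("hello")         # constructed keystrokes
CIPHERTEXT = xor_stream(PLAINTEXT, SAMPLE_KEY)

if __name__ == "__main__":
    print("ciphertext:", CIPHERTEXT.hex())
    # Repeated keys stay visible: the double 'l' gives two equal bytes.
    print("repeats preserved:", CIPHERTEXT[2] == CIPHERTEXT[3])
    # Relationships between keystrokes leak without knowing the key at all.
    print("key cancels:", pairwise_xor(CIPHERTEXT) == pairwise_xor(PLAINTEXT))
    # The whole key space is 8 bits, and a range check prunes it further.
    keys = plausible_keys(CIPHERTEXT)
    print(f"{len(keys)} of 256 keys remain plausible after 5 keystrokes")
```

The point for anyone designing a wireless input protocol: a static XOR byte is a substitution cipher with 8 bits of key and no integrity protection, so even if the key were never sent in the clear it would not hold up.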

