Hack Into Laptops Via Power Outlet, Lasers

[d_kuhn]

In order to monitor the ground line and actually get a usable signal you'd need to be right at the power outlet that the machine is plugged into... it's not like some guy is going to clamp onto the ground strap outside your house and do it. It still may be useful for someone who has access to your home but it's not a particulaly useful hack compared to say a keylogger that can be remotely installed and monitored.

The laser thing doesn't make any sense... you might get a vibration but a vibration by itself only tells you a key was hit... not which one. You could conceiveably use multiple lasers to triangulate but damn that would be difficult to setup and get to work reliably.

 

[brendano257]

[citation][nom]_cubase_[/nom]I have a better idea to steal someone's important information using a laser pointer. Shine it in their face to stun them, punch them out, grab the notebook and run![/citation]

Blunt and to the point, not bad.

But though people moving and everything around you I doubt it would be easy to maintain a line of sight, forget that, how would you keep a laser in the same spot for multiple minutes without equipment like a tripod...little suspicious looking I would say.

 

[Guest]

I think the laser method more does NOT work than it does. If I stomp my feet on the ground,move my chair or just put my cup of tea on the table, the vibrations the laser detects make the results go haywire.
Also,the keystrokes could be captured by electrical signal only if:
1- The laptop is connected to a grounding pinn
2- The laptop that 'sends' the keystrokes is not too far away
3- There are not more than a couple of laptops in the vicinity.
4- The powersupply does not use some sort of filter, and on latest laptops,they have digital powersections. Digital powersections,and analog transformers connected to voltage filters often block these methods.


If the distance to the laptop is too great, the signal will be weakened, seeing that the grounding pin works as a resistor, or as a filter for weak signals. Every house built should have at least one grounding pin.

 

[Guest]

Yeah, this would not only work, but work well... Yeah, thanks to the awesome error correction that my notebook powersupply does, it'll check the integrity of all of the packets that are sent down the 120v outlet... It also boasts an ultra-low jitter clock to ensure that the signal is easily intelligible...

 

[igot1forya]

My laptop does not have a ground wire... how would that work? Also, what if you had your PC plugged into an UPS or inline power filter? If anyone has read the articles on the poor performance of Hot-Plug Networking, I doubt this would be very reliable either.

The laser concept is interesting, again I see so many obstacles to overcome. These all seem like proof of concept.

Seems Rube Goldberg'esk if you ask me.

 

[joebob2000]

[citation][nom]D_Kuhn[/nom]The laser thing doesn't make any sense... you might get a vibration but a vibration by itself only tells you a key was hit... not which one. You could conceiveably use multiple lasers to triangulate but damn that would be difficult to setup and get to work reliably.[/citation]

It's been demonstrated that with a long enough recording and with a fair bit of programming, you can map each key to a unique sound. This is aided by the fact that aside from the password, most users proceed to type relatively normal words out. Take the map, run it through a simple cryptanalysis tool that tests strings of symbols against a dictionary and before long you have a map of each sound to each letter on the keyboard. The relatively novel part is that they are now going to use that in conjunction with remote listening devices like laser interferometry to do this from a great distance.

 

[downer88]

Ha, have you ever listened to bad onboard audio with lots of EMI feedback from keys, mouse, programs, etc.? How is that going to translate into specific keys through a transformer? Those electrical grid LAN arrangements don't even work very well! Those laser and electrical listening techniques sound like it would take to long to isolate which key was hit.

Sounds as practical as back in the day when photocopiers had to have clean sheets of paper run through them after use, or when screens had hoods over them to keep people from reading the heat signatures!

 

[Guest]

The CIA was/is able to tell what is being typed in an IBM Selectric Typewriter by measuring the current draw, they can tell how far the internal motor moved and therefore what keys are being types. You can find this documented by several sources. Could something like this be extended to laptops and their powersupplies? Not sure.

 

[TwoDigital]

Good luck with that 'power grid' exploit... in theory it works great, but that's assuming your laptop is the only thing plugged into that portion of the circuit (your 'scanning' device must also be plugged into that circuit somewhere but your OWN keystrokes and power draw will muddy up the current on that circuit as well.) To be successful, you need a self-powered power meter plugged into another outlet on that same circuit (where NOTHING else is running... heaven forbid not a refrigerator...) to scan the current flux. It's TOTALLY possible under ideal conditions, but like I said good luck.

BTW: You can't pick up the voltage variations on other outlets that are separated from the device by a circut breaker, power conditioner, or any other isolater or electromagnetic wave balancer.

 

[neodude007]

I like how everyone here THINKS they know what they are talking about claiming all these things could mess up the methods and such. I didn't realize the people that present at the Black Hat conference were n00bs, maybe I missed a memo.

 

[downer88]

Is the Black Hat (R) USA conference ISO 9000 certified now? lol

 

[romansky]

I think they should check out my poop after I log in to my station, they might find my user name and password there!