Researchers say that small devices called JitterBugs could piggyback onto network connections to 
discreetly send passwords and other sensitive data over the Internet. Like the current keylogger hardware used by the FBI and criminals alike to record passwords and other data, JitterBugs are small devices that attach to a keyboard and record what users type. Unlike current keyloggers, which store the data to internal memory, JitterBugs do not have to be retrieved before captured data can be read.
Although no such device has been found in the wild yet, researchers have developed a working prototype, and they postulate that similar ideas may have already been used in unnoticed attacks. In a paper titled "Keyboards and Covert Channels" (PDF format), University of Pennsylvania graduate students explain that the device could encode data in keystrokes by introducing an extra delay between when a key is pressed and when the keyboard tells the computer that the key has been pressed. Could your keyboard spy on you?
From around the Web
- How to Use Network Behavior Analysis Tools
- Apple updates Safari with 11 security fixes
- Mozilla fixes 11 Firefox flaws, six critical
- Google updates Chrome to third beta
- Firefox 3.1 beta arrives with JavaScript booster turned off
- The insider security threat in IT and financial services
- Windows 7 security: An overall improvement?
- Top 10 Network Security Threats
- Big leap in malicious Web sites
- Network security makes a quantum leap
- What is the Best Internet Browser to Surf the Web?
- Windows 7 UAC could be less of a nag
- Microsoft releases faster Desktop Search 4.0
- Vista users keen on SP1, but XP SP3 not so much
- Windows 7 Details In October, Microsoft Says