According to ZDNet, presenters at the CanSecWest security conference demonstrated a method of tracking keyboard input by analyzing the vibrations using lasers — from 50 to 100 feet away from the vibrations given off from the physical key input.
The team made sharp use of a laser microphone and photo diode — estimated cost $80USD. They then developed a dictionary to map the data from the device into which keys were pressed. The group stated that they could not use the device to record full sentences, but they do expect it to be capable of this in the coming months. They also stated that it was able to work through glass windows, but a direct line of sight is always required.
The only defence to this type of an attack would be making sure nobody is peeking at you, I guess.
If you’re not already subscribed to security related sites, here are the security related sites I am subscribed too that cover everything from botnets, phishing, vulnerability alerts, psychological security (social engineering) and video feeds like Hak5. (If you don’t have an RSS reader, then use google reader!)
schneier.com/blog/ — Bruce Schneier’s blog on security. If you don’t know who bruce is, check out the book he wrote called Secrets and Lies.
rootcompromise.org, packetstormsecurity.org, neworder.box.sk
kahrn.wordpress.com — Yes, this blog! I occasionally glaze over security related stuff.
hak5.org — Hak5 is probably the greatest security related podcast on the net!
Do you have any great security related sites/feeds you would like to share?
Don’t you just hate it when an over zealous web filter blocks you from almost everything useful on the web? Today I’m writing about methods of circumventing systems such as Websense or other web filtering software.
Websense is rather strict and is covered below. Other blocks may be possible to bypass using either web proxies or socks proxies.
Web proxies can be useful for a basic fix to filters and can bypass basic blocking systems or systems that rely on a blacklist of sites that have no or poor content checking. A great site (which just so happens to be mine) for finding web proxies is hexalist.com. If you’re a proxy owner, hexalist.com is also very useful for promoting your proxy.
Socks & HTTP Proxies
With the plug for hexalist.com over, I move on to socks/http proxies. These might work if the firewall restrictions in place are poor, but sadly the large majority of socks proxies are either offline or very slow.
Tor is able to provide you with anonymity, but usually unlikely to punch a hole through a firewall unless the admins are pretty darn poor. You can read more about Tor at torproject.org.
Another option for circumventing filters is tunneling traffic throught a VPN. Explaining VPN is beyond the scope of this article and not something I am very familiar with, but you can start reading about it here if you wish.
Bypassing Websense — The system used in educational institutions throughout the UK
Websense just so happens to be the most annoying system to bypass. HTTPS sites must be whitelisted, and the content checking is very good. But websense can by bypassed just like any other blocking system. The current favoured method for bypassing websense is using ultrasurf.
Here is some interesting news for you all. The BBC has performed an investigation into the effects of cybercrime — specifically what the capabilities of a botnet would be.
According to the BBC, 22k machines were compromised (without the owners permission) and then a botnet was formed. This botnet was then used to perform a Distributed Denial of Service attack upon a security firm (with permission). The BBC claim that they did not violate the computer misuse act as they did not have any criminal intentions.
I’m pretty sure that if this were any teen in a basement that compromised the security of 22,000 machines, and this reached the courts it would be considered as a breach of the computer misuse act. Peoples machines were compromised and controlled without prior permission. Hopefully this will make the general public more aware that not all hackers have malicious intent and may comprimise a system or tease an admin to warn them of a real threat.
You can also read more about it here.