From the 'friggin Laser beams' files:

LAS VEGAS. There are all kinds of ways that attackers can 'sniff' a users password, but laser beams and power cords?

No it's not Science Fiction, it's Black Hat.

Security researchers Andrea Barisani and Daniele Bianco gave a tremendously entertaining and informative talk here about how good old PS/2 keyboard leak though power lines and oh yeaah the lasers.

But first the keyboards.

"We

attacked PS2 keyboards and they have multiple cables inside of it,"

Barisani said. "The wires are close to each other and poorly shielded

so there is a leak of information from the data wire to the ground

wire."



Barisani noted that the signal from the

ground wire would also permeate to other electrical outlets in close

proximity. The two researcher showed some demo screens of what the

electrical wires actually showed - at this stage they were able to make

out letters. They didn't demo any kind of larger tool that could

actually turn all the letters into numbers and words, though they said

it was possible.



"We're confident that more expensive equipment can lead to more precise

measurements," Barisani said. "We're two idiots and we did this in one week."



Now

the laser beams is another story. The general idea is that the laser is

used as an acoustic microphone that could be used to remotely pick up

the sound vibration from a users keyboard. Somehow you can match that

acoustic vibration to words/numbers, but frankly I didn't understand

how that actually worked.

But it is something remarkable and according to their preliminary research very real too.

So how do you defend against these attacks? Tin hats of course