-
November 22nd, 2005, 05:18 AM
#1
Cracking safes with thermal imaging
In short, virtually all keypad entry systems - as used in various applications, including building access control, electronic lock safes, ATM input, etc - are susceptible to a trivial low-profile passphrase snooping scheme. This attack enables the attacker to quickly and unobtrusively recover previously entered passphrases with a high degree of success. This is in contrast to previously documented methods of keypad snooping; these methods were in general either highly intrusive - required close presence or installation of specialized hardware - or difficult to carry out and not very reliable (e.g., examining deposited fingerprints)...
http://lcamtuf.coredump.cx/tsafe/
\"And life is what we make it. Always has been, always will be.\"
-
November 22nd, 2005, 06:52 AM
#2
Thats pretty scary... Splinter Cell kinda stuff but, with every technology there is ways to crack it and ways to protect it... its a never ending cycle so im sure they will come up with someway to combat this.
-
November 22nd, 2005, 08:18 AM
#3
That's pretty neat stuff but I was totally thinking about ppl who type in their numbers really fast or if a person holds his finger on a certain button too long. I'd actually like to see the successful vs. non-successful attempts with this technique though.
This and the acoustic keylogger are really interesting though. They are like stuff right outta a spy movie.
"Do you know why the system is slow?" they ask
"It's probably something to do with..." I look up today's excuse ".. clock speed"
-BOFH
-
November 22nd, 2005, 03:18 PM
#4
Just make sure to blow on the keypad once you are done entering your code. I also have to wonder how useful this would be on an ATM where the keypad is also used to communicate with the teller device. When you go to an ATM you almost always have to enter a numeric value, either what you are deposting, transferring, or withdrawing. That would certainly skew the results. For a safe or door lock I would see this as being more probable.
But it is easily overcome by having a steady stream of warm air blowing on the keys, or using a thermal blocking material on the keypad. I would venture to guess that ceramic keys would not transfer heat as quickly.
It would be interesting if they put this into practical use on more devices.. I'd do it, but I don't want to spend 10k on one of those thermal imaging cameras..
-
November 22nd, 2005, 10:17 PM
#5
has anyone ever seen an ATM thats got a layer of ice on it? are they heated? just thinking...
i2c
-
November 23rd, 2005, 10:27 AM
#6
Junior Member
Theoretically, if the thermal imaging system is accurate enough, it can even trace the sequece of the keypress because of heat difference...
-
November 23rd, 2005, 10:07 PM
#7
They should be. The internal components are pretty touchy to cold. The keypad and screen being outside take a beating though.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|