Long story short, the only keyboard I used to and like is bluetooth one.
I already tried 2 other keyboards specifically because of Qubes, but it’s very uncomfortable for me for various reasons.
Is there any chance I can make the connection secure somehow? I can wait for the connection and run tests if needed, or whatever it takes.
1 Like
It is not really possible to secure this, but you could secure the room maybe. This depends against what you want to secure your keyboard connection.
1 Like
Depending on the threat model, no keyboard would be secure anyway because it’s possible to snoop what is typed using different techniques.
1 Like
What do you mean by securing the room? Faraday cage?
Can you explain please?
What about wired, 2.4ghz connections?
1 Like
Yeah maybe a faraday cage to prevent waves to escape, I don’t have enough knowledge on that field.
It could be possible to snoop electronic fields of typed keys on a regular keyboard to figure what you type, or analyse the rhythm of typing and guess what was typed using a laser on a window of the room where you use the computer.
This can go far, and I’m not even an engineer in this area so there may be more techniques I’m not even aware of.
It’s important to define the threat, because for instance if you want to prevent your non tech savvy neighbour to sniff what you type, not having them behind your shoulder is enough even if you use a bluetooth keyboard.
1 Like
Obviously I’m not running nuclear program inside my house for Israelis to hack me with this kind of attacks, so I’m not really following you.
As far as I read on this forum, bluetooth is highly insecure by its nature, similar to wifi, except that with wifi I can check the connection on my router and I can’t do the same with bluetooth.
As for 2.4ghz and especially wired one, I’m not so sure it’s easy to hack it.
1 Like
I asked you what you want to protect against, I’m trying to illustrate that depending on the threat, mitigations can go from “not having someone behind your shoulder” to “being underground inside a faraday cage”.
Of course, these examples are extremes, but for instance I don’t care about using a bluetooth device at home as there is no one in a 150 meters radius, although it would be more of a concern if I was living in a highly populated area in a building.
1 Like
Sorry if I sounded harsh.
I do live in an urban block in a big city and I can’t make anything as faraday cage out of one of my rooms. Physical(regarding someone sneaking behind my shoulder) protection is not needed, as far as I can tell.
I’m more concerned of someone hijacking the bluetooth connection without me noticing it, as with wifi for example.
I’m trying to check if there’s anything I can do in that regard, so I could somehow eventually use a bluetooth keyboard with the same or almost the same level of protection as 2.4ghz keyboard, as I’m desperate with this situation.
1 Like
You could use some barriers without building a full Faraday cage. You can
also use Bluetooth Jammers, to lower the risk of Data loss, or try using
BlueTooth in low power mode to restrict the range, if that’s
configurable on your device.
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
2 Likes
Bluetooth on modern devices is encrypted by default, so under normal circumstances the risk is relatively low. That said, it’s still possible to exploit vulnerabilities:
-
Older Linux kernels had Bluetooth-input settings that violated the specification, opening the door to attacks.
(See commit: Making sure you're not a bot!) -
Early Bluetooth specifications permitted the use of shorter encryption keys, which are susceptible to man-in-the-middle attacks.
(See commit: Making sure you're not a bot!)
Finally, if your threat model includes a highly capable adversary—one who can exploit zero-day flaws in Bluetooth—you should also worry about physical attacks. In most cases, an attacker who can compromise your wireless keyboard could instead simply break into your home and swap it out for a malicious device.
3 Likes