The Hacking Beacon

Mechanical PIN-Entry keypads such as the used in secure payment terminals, ATMs, keypad lock on door, etc; can be vulnerable to attacks based on differentiating the sound emanated by different keys. The sound of button clicks can differ slightly from key to key, although the sound of clicks sound very similar to the human hear. Several research studies have demonstrated that it is possible to recover the typed data from the acoustic emanations and has been a known source of concern and present a threat to user privacy; see the References section below. Besides, keypad emanations are specifically tested in the PCI SSC PTS security-testing process required for the approval of secure payment terminals. The "Monitoring During PIN Entry" testing requirement, verifies that there is no feasible way to determine any entered PIN digit by monitoring sound, electro-magnetic emissions, power consumption or any other external characteristic available for monitoring . Precisely, thes

The SARK-110 can be controlled from a computer using scripts written in Python programming language . For this purpose, there is an open source library and examples written in Python that facilitates this task and can be used from Windows, Linux or Mac OS. The library includes some basic examples that are normal Python scripts, and also some examples written as Jupyter Notebooks . As described in the Jupyter website , "the Jupyter Notebook is an open-source web application that allows you to create and share documents that contain live code, equations, visualizations and narrative text. Uses include: data cleaning and transformation, numerical simulation, statistical modeling, data visualization, machine learning, and much more" . The provided notebook examples, such as   https://github.com/EA4FRB/sark110-python/blob/master/src/plot_example.ipynb , illustrate how to use the libray or more properly stated, the Python Sark110 class, and plot the acquired data.  There