Author Topic: Security of Quiet Pro controller?  (Read 26531 times)


Offline Burz

  • Thread Starter
  • Posts: 248
  • maybe get a blister on yo' little finger...
Security of Quiet Pro controller?
« on: Wed, 06 November 2013, 12:40:12 »
Could your microcontroller expert comment on the possibility of a Quiet Pro keyboard having its controller firmware changed over the USB link? This is assuming the OS of a connected system has been completely compromised.

The report on #badBIOS has raised important questions about devices which get plugged into a great number of systems over their lifetime and possibly act as a vehicle for malware. I also noticed that J. Rutkowska at ITL (security research) has commented "Generally USB keyboards is something we really don't like...". The picture I'm getting is not encouraging, but can Matias provide any reassurance about their products?
Matias Mini QuietPro  \\ Dell AT101W - Black ALPS  \\ SIIG MiniTouch x2 White XM - Monterey  \\ Colemak layout.

Offline BucklingSpring

  • Posts: 1613
Re: Security of Quiet Pro controller?
« Reply #1 on: Wed, 06 November 2013, 19:13:56 »
I'm curious, why are you targeting Matias for this question? Wouldn't this be a concern for any USB keyboard?

Sounds like a 5-year-old story on Mac keyboards.
In memory of smallfry 1996-2013
Boards I own, click ->
Ducky x2 (9008G2 Pro PBT/MX Green and Mini MX Red), Matias x2 (QP and Mini QP Dampened ALPS), Topre RealForce x4 (87U 55g/Digilog case, 103U-UW & 104UG High-Profile x2), Filco Majestouch x2 (TKL MX Blue & V2 AI 104 MX Blue), IBM-M x2 (BS & RD), Unicomp-M x5 (BS black on black x2, BS Ivory x2, QT Ultra-Classic), Deck x4 (Legend MX Black & MX Clear, Hassium & Francium w/ MX Brown), DAS III (MX Blue), KBT Pure Pro 60% (MX Red), NMB-RT8256CW+ x2 (black space invader), XArmor U9BL-S (MX Brown) given for free to someone I hate, CM X2 (Trigger/MX Green + Storm TKL/NovaTouch), TVS GOLD (MX Blue) and many, many more (NMB, DELL, MS, ATT, KeyTronic, Etc...)

Offline Burz

  • Thread Starter
  • Posts: 248
  • maybe get a blister on yo' little finger...
Re: Security of Quiet Pro controller?
« Reply #2 on: Thu, 07 November 2013, 04:26:21 »
> I'm curious, why are you targeting Matias for this question? Wouldn't this be a concern for any USB keyboard?

Simple-- Because I use my Matias keyboard and want to keep using it (safely) for a long time to come. Also, doing a general shoutout in the keyboards subforum would probably yield zero manufacturer responses. So, best to start here.

If I had bought a WASD or TECK instead, I would have asked one of them. In time, I may ask them anyway.

Offline dante

  • Posts: 2553
Re: Security of Quiet Pro controller?
« Reply #3 on: Sat, 09 November 2013, 11:01:01 »
Is it possible to use a PS/2 converter to get past the issue?

I still think the Ducky Shine 3 is a time bomb waiting to happen with the number of patches being applied to it.  If you can add new lighting modes what's to stop someone from redirecting keystrokes?

Offline Matias

  • * Moderator
  • Posts: 517
  • Location: Toronto
    • http://matias.ca
Re: Security of Quiet Pro controller?
« Reply #4 on: Sat, 09 November 2013, 17:33:53 »
> Could your microcontroller expert comment on the possibility of a Quiet Pro keyboard having its controller firmware changed over the USB link? This is assuming the OS of a connected system has been completely compromised.
>
> The report on #badBIOS has raised important questions about devices which get plugged into a great number of systems over their lifetime and possibly act as a vehicle for malware. I also noticed that J. Rutkowska at ITL (security research) has commented "Generally USB keyboards is something we really don't like...". The picture I'm getting is not encouraging, but can Matias provide any reassurance about their products?


It's interesting that I saw your question within minutes of seeing this suggestion from another GHer...


> Layout: Never one fits all. No one can design universal layout for everyone. Programmability is required.
> 1) Reprogrammable controller.
> The keyboard will get to be fully programmable by user community endeavor if MCU datasheet and toolchain are publicly available. No need extra customer support cost for manufacturer!
> Widely pervasive Atmel AVR or ARM Cortex is preferable? I think we'll happily pay the cost for that if it is like $5-10.


Anyway, to answer your question, no that's not possible.

They would need to gain physical access to the keyboard to be able to change it, and they would need to know technical details which we have not disclosed.  It's not enough to just run some software.  If someone malicious gains physical access to your computer, the keyboard is the least of your concerns.

Setting aside all the technical and logistical hurdles to doing this, the microcontroller in the keyboard doesn't have enough memory to store anything more than the keyboard layout, so it wouldn't have anywhere to put any information captured.

With regards to security, wired keyboards are as safe as they come.  You don't need to worry.

Offline BucklingSpring

  • Posts: 1613
Re: Security of Quiet Pro controller?
« Reply #5 on: Mon, 11 November 2013, 18:27:16 »
Thank you Matias for the update. I feel much safer ;-)

I like Dante's suggestion to use a PS/2 port. The PS2 marketing guys must jump on this opportunity to prolong the life of this interface. Built-in PS2 keyboard firewall... Added security.

Sounds like the memory required to program the LED might give enough space to insert something malicious. Still, there are so many ways to inject a keylogger. I'm not convinced the keyboard is the best target.

> Is it possible to use a PS/2 converter to get past the issue?
>
> I still think the Ducky Shine 3 is a time bomb waiting to happen with the number of patches being applied to it.  If you can add new lighting modes what's to stop someone from redirecting keystrokes?

Offline Matias

  • * Moderator
  • Posts: 517
  • Location: Toronto
    • http://matias.ca
Re: Security of Quiet Pro controller?
« Reply #6 on: Mon, 11 November 2013, 19:16:35 »
Yes, the keyboard IC really is the least of your worries.

As a vector for malicious code, it's pretty gutless.


Offline Soarer

  • * Elevated Elder
  • Posts: 1918
  • Location: UK
Re: Security of Quiet Pro controller?
« Reply #7 on: Mon, 11 November 2013, 20:24:02 »
> I like Dante's suggestion to use a PS/2 port. The PS2 marketing guys must jump on this opportunity to prolong the life of this interface. Built-in PS2 keyboard firewall... Added security.

Except that in one sense at least, since you can send data from the host via PS/2, exactly the same security hole exists! There have been programmable PS/2 keyboards, even if only for macro functionality, programmed from the host (e.g. Cherry 8200). Theoretically a keyboard could send out malicious keystrokes to further an infection by other means (and it could easily have stored your password!).

The main problem with that and hacking USB keyboards etc. in a similar way is that each would use a proprietary method for programming. Usually, there wouldn't even be any overt indication that programming is possible. Sure, the malware could have a huge library of programming methods, but it still wouldn't be a route that's likely to succeed (from the malware's POV) in general. As part of a targeted attack it perhaps has more to offer, if the attacker knows that the target uses certain susceptible hardware.
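
An added example, not part of any post in this thread: a host-side check that walks a USB configuration descriptor and flags interfaces advertising the standard USB Device Firmware Upgrade (DFU) class or a vendor-specific class. The descriptor bytes are constructed for illustration and do not come from any Matias or other real product; how the descriptor is captured from the device is left to the reader.

```python
import struct

DT_INTERFACE = 0x04
DT_FUNCTIONAL = 0x21        # HID descriptor or DFU functional descriptor, by context
DFU = (0xFE, 0x01)          # application-specific class, Device Firmware Upgrade subclass
VENDOR_SPECIFIC = 0xFF

# Constructed sample (not from a real product): a keyboard whose configuration
# carries a HID boot-keyboard interface plus a DFU run-time interface.
SAMPLE = bytes.fromhex(
    "09 02 34 00 02 01 00 a0 32"      # configuration, wTotalLength = 52
    "09 04 00 00 01 03 01 01 00"      # interface 0: HID, boot subclass, keyboard
    "09 21 11 01 00 01 22 3f 00"      # HID descriptor
    "07 05 81 03 08 00 0a"            # interrupt IN endpoint
    "09 04 01 00 00 fe 01 01 00"      # interface 1: DFU run-time
    "09 21 0b ff 00 00 04 10 01"      # DFU functional descriptor, bmAttributes = 0x0b
)

def parse_interfaces(blob: bytes) -> list[dict]:
    """Walk the descriptor chain by bLength and collect interface descriptors."""
    interfaces, pos = [], 0
    while pos < len(blob):
        if pos + 2 > len(blob) or blob[pos] < 2 or pos + blob[pos] > len(blob):
            raise ValueError(f"malformed descriptor at offset {pos}")
        length, dtype = blob[pos], blob[pos + 1]
        if dtype == DT_INTERFACE and length >= 9:
            num, _alt, _eps, cls, sub, proto = struct.unpack_from("6B", blob, pos + 2)
            interfaces.append({"number": num, "class": cls, "subclass": sub,
                               "protocol": proto, "dfu_attrs": None})
        elif dtype == DT_FUNCTIONAL and length >= 3 and interfaces:
            cur = interfaces[-1]
            if (cur["class"], cur["subclass"]) == DFU:
                cur["dfu_attrs"] = blob[pos + 2]      # bmAttributes
        pos += length
    return interfaces

def audit(blob: bytes) -> list[tuple]:
    """Return (interface number, kind, download-capable) for each flagged interface."""
    findings = []
    for itf in parse_interfaces(blob):
        if (itf["class"], itf["subclass"]) == DFU:
            can_download = bool((itf["dfu_attrs"] or 0) & 0x01)   # bitCanDnload
            findings.append((itf["number"], "dfu", can_download))
        elif itf["class"] == VENDOR_SPECIFIC:
            findings.append((itf["number"], "vendor-specific", False))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

An empty result only means the device does not advertise a standard update path; as the post above notes, a proprietary programming method usually gives no overt indication that programming is possible.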

Offline Burz

  • Thread Starter
  • Posts: 248
  • maybe get a blister on yo' little finger...
Re: Security of Quiet Pro controller?
« Reply #8 on: Mon, 18 November 2013, 12:37:44 »
> Anyway, to answer your question, no that's not possible.
>
> They would need to gain physical access to the keyboard to be able to change it, and they would need to know technical details which we have not disclosed.  It's not enough to just run some software.  If someone malicious gains physical access to your computer, the keyboard is the least of your concerns.
>
> Setting aside all the technical and logistical hurdles to doing this, the microcontroller in the keyboard doesn't have enough memory to store anything more than the keyboard layout, so it wouldn't have anywhere to put any information captured.
>
> With regards to security, wired keyboards are as safe as they come.  You don't need to worry.

Thanks for the assurance, though I wasn't worried necessarily about physical access. The claims from Dragos re: badBIOS have got people concerned about malware travelling on different kinds of USB devices that can have their firmware changed (and, I imagine, an exploitable keyboard with a USB hub in it might be a problem).

Offline metalliqaz

  • * Maker
  • Posts: 4951
  • Location: the Making Stuff subforum
  • Leopold fanboy
Re: Security of Quiet Pro controller?
« Reply #9 on: Mon, 18 November 2013, 12:56:03 »
BadBIOS is pretty darn far from being confirmed.

Offline Burz

  • Thread Starter
  • Posts: 248
  • maybe get a blister on yo' little finger...
Re: Security of Quiet Pro controller?
« Reply #10 on: Tue, 19 November 2013, 05:47:04 »
> BadBIOS is pretty darn far from being confirmed.

BadBIOS doesn't have to be confirmed per se, since even the sceptical experts are agreeing that what is described could become real in some form.

The way that hardware gets built these days is reckless.
