geekhack
geekhack Community => Keyboards => Topic started by: itlnstln on Mon, 03 August 2009, 12:32:50
-
http://arstechnica.com/apple/news/2009/08/exploit-allows-for-keyboard-ownage-through-firmware.ars
This is the first time I have heard of a keyboard being hacked. I have heard from security-hawks about being able to compromise a computer by tapping a wireless keyboard, but this, this is different.
-
Really, I think this still will not have too high of a chance of being exploited, as there are simply so many other keyboards out there, and many of them most likely have the same possible vulnerability.
-
A keyboard that needs firmware updates? Spare me...
-
I think this is a good story, but not for it's direct content. Anything with memory is "hackable" in the sense. Ever heard of a Pandora battery (http://en.wikipedia.org/wiki/Pandora%27s_Battery) on the PSP? This is also a low level hardware "hack". You can do the same thing with a lot of hardware with flash memory, not even always attached to a computer like digital cameras and audio receivers
The big thing that should be noted, is that if this hack can only be applied with physical access, or can only be applied remotely with a rootkit. Either way, you're relatively screwed. I know I know, the general retort is "But it stays there when you format" - and that's pretty crappy. But if your machine has a virus on it, and you're unaware of it, there's no telling when next format comes up. Having root access is just as deadly as a firmware "in ur scissor switch, loggin ur keys"
-
Realforces have a firmware upgrade option. Have to flip a DIP switch though - hacker proof.
Seriously though, I like the idea of firmware upgradable if it allows you to store custom key mappings on the keyboard. A HHKB3 really needs this to make it a truly portable AND customizable keyboard.
Wonder what Apple does with the firmware? Charge your iTunes account 99cents every time you hit the Cloverleaf?
I don't recall ever seeing anything about keyboard firmware, but its usually to fix bugs in the firmware of the computer itself.
-
Not sure about Apple, maybe to handle some logic and ghosting issues? A lot of media keyboards use flash memory, to handle things like starting your internet browser with a macro key, etc
-
there have been several compromising emanations (http://en.wikipedia.org/wiki/TEMPEST) type logging attacks on keyboards, both wired and wireless. this one is kind of innovative in that it uses onboard computational capacity to compromise the keypress stream.
one of the more interesting ones was an attack that could log keystrokes merely by hearing the sound of the keys (http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci963348,00.html); the article refers to the membrane acting as a drumhead, which is somewhat silly, but i'm sure we are all typing on keyboards that make compromising acoustic emanations.
of course, even assuming you get the keyboard completely silent, there's still van eck phreaking (http://en.wikipedia.org/wiki/Van_Eck_phreaking) to worry about, not to mention a USB keylogger or a rubber hose.