Linked by Thom Holwerda on Sat 1st Aug 2009 18:22 UTC
Almost everything has a processor and/or memory chips these days, including keyboards. Apple's keyboards are no exception; they have 8Kb of flash memory, and 256 bytes of RAM. K. Chen has found a way to very easily install keyloggers and other possibly malicious code right inside these Apple keyboards (more here). Proof of concept code is here as well.
Permalink for comment 376578
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Member since:
2008-07-15
And a code signing would be absolutely useless, seeing as how that signature would simply be duplicated. The thing about code signing is that it's only useful as long as the signature isn't reversed, as soon as it is the signature might as well not even be there. On a software platform such as a typical PC or even a cel phone, this wouldn't be a big deal as the signature certificates could simply be updated in the background, but on a tiny embedded system it would be worse than useless even if they did bother to implement it. I doubt many would continuously update their keyboard firmware for new signatures, and it would be too risky to have firmware updates applied automatically without prompting in case the device was bricked due to a crash or loss of power.