Linked by Thom Holwerda on Sat 1st Aug 2009 18:22 UTC
Apple Almost everything has a processor and/or memory chips these days, including keyboards. Apple's keyboards are no exception; they have 8Kb of flash memory, and 256 bytes of RAM. K. Chen has found a way to very easily install keyloggers and other possibly malicious code right inside these Apple keyboards (more here). Proof of concept code is here as well.
Thread beginning with comment 376558
To view parent comment, click here.
To read all comments associated with this story, please click here.
darknexus
Member since:
2008-07-15

But then you have this other problem... you'd need to convince the users to run it, since it couldn't be done by a web scripting language and even Safari won't just execute an arbitrary file on the machine.

Reply Parent Score: 2

WereCatf Member since:
2006-02-15

But then you have this other problem... you'd need to convince the users to run it, since it couldn't be done by a web scripting language and even Safari won't just execute an arbitrary file on the machine.

Do you mean the case of malware infecting the computer and then patching the keyboard? Well, the malware would get on the computer the same way it usually does... either some security hole, or an unknowing user. The firmware on the keyboard doesn't need to be executed, it's always running on the keyboard as long as there's power to it..

Reply Parent Score: 2

anduril Member since:
2005-11-11

Most people can be convinced fairly easily to do something stupid on the computer. This is arguably what makes malware so effective on windows (Ohhh...shiney shit lets install!). Do you really think mac users are so superior that mom and pop wouldn't click yes, run this crap if it looks official?

Then, its game over. OSX isnt truely anymore secure from a programming standpoint (as the researchers and hackers are showing) but rather due to sizing and time constraints. Why waste time on 5% (or whatever the install base is) and exploiting a hole when you can easily exploit a hole with a user base thats 90%?

Reply Parent Score: 1