Linked by Thom Holwerda on Sat 1st Aug 2009 18:22 UTC
Apple Almost everything has a processor and/or memory chips these days, including keyboards. Apple's keyboards are no exception; they have 8Kb of flash memory, and 256 bytes of RAM. K. Chen has found a way to very easily install keyloggers and other possibly malicious code right inside these Apple keyboards (more here). Proof of concept code is here as well.
Thread beginning with comment 376562
To read all comments associated with this story, please click here.
Oh dear god we're all doomed.
by Finchwizard on Sun 2nd Aug 2009 00:54 UTC
Finchwizard
Member since:
2006-02-01

Something needs physical access to the keyboard.....

It's almost as scary as those PS2 Key Loggers that used to goto between keyboard and computer, those things were an epidemic......oh wait, not they weren't.

I mean seriously, any excuse to slam Apple these days with something everyone else does as well.

Reply Score: 4

WereCatf Member since:
2006-02-15

Something needs physical access to the keyboard.....

It's a firmware hack...you DON'T need physical access to the keyboard if you can flash the firmware via a virus/malware/backdoor/etc. So yes, it's quite a bit more serious than those PS2 keyloggers.. besides, those were rather easy to notice if you looked there. But a firmware hack cannot be detected with plain eyesight, and even in software you'd need to read the firmware and verify it against a known good one.

Reply Parent Score: 2

Kabal Member since:
2005-07-09

Well, in that implementation you have to hit return a few times quickly to read the contents out, so you do have to have access to the keyboard to do anything with it.

But anyway, if I am at a point where I am already running arbitrary code on a users machine, I think I would rather install a keylogger in software that has the capability to send the keystrokes directly to my server, rather than install a much crappier keylogger into their keyboard ;)

It's a cute hack but it's not really the end of the world.

Edited 2009-08-02 01:39 UTC

Reply Parent Score: 1

Drumhellar Member since:
2005-07-12

Something needs physical access to the keyboard.....


The MacOS X computer that your keyboard is plugged into has physical access to the keyboard. Actually, it has physical access to the firmware. Run a piece of malware on your desktop (which, again, has physical access to the keyboard) and you're compromised.

Reply Parent Score: 1