Linked by Thom Holwerda on Sat 1st Aug 2009 18:22 UTC
Apple Almost everything has a processor and/or memory chips these days, including keyboards. Apple's keyboards are no exception; they have 8Kb of flash memory, and 256 bytes of RAM. K. Chen has found a way to very easily install keyloggers and other possibly malicious code right inside these Apple keyboards (more here). Proof of concept code is here as well.
Thread beginning with comment 376563
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Oh dear god we're all doomed.
by WereCatf on Sun 2nd Aug 2009 01:00 UTC in reply to "Oh dear god we're all doomed."
WereCatf
Member since:
2006-02-15

Something needs physical access to the keyboard.....

It's a firmware hack...you DON'T need physical access to the keyboard if you can flash the firmware via a virus/malware/backdoor/etc. So yes, it's quite a bit more serious than those PS2 keyloggers.. besides, those were rather easy to notice if you looked there. But a firmware hack cannot be detected with plain eyesight, and even in software you'd need to read the firmware and verify it against a known good one.

Reply Parent Score: 2

Kabal Member since:
2005-07-09

Well, in that implementation you have to hit return a few times quickly to read the contents out, so you do have to have access to the keyboard to do anything with it.

But anyway, if I am at a point where I am already running arbitrary code on a users machine, I think I would rather install a keylogger in software that has the capability to send the keystrokes directly to my server, rather than install a much crappier keylogger into their keyboard ;)

It's a cute hack but it's not really the end of the world.

Edited 2009-08-02 01:39 UTC

Reply Parent Score: 1

PlatformAgnostic Member since:
2006-01-02

You're right that this isn't exactly the end of the world. But it isn't a totally unreasonable thing for a bored hacker to do IN ADDITION to installing a standard software keylogger. If the attack installs a firmware rootkit in the keyboard, it would be tough to know about an eradicate since even a totally clean install would not get rid of it.

On another note, I don't think we have any reason to believe that this problem applies solely to apple. Other manufacturers probably also have firmware on their keyboards and perhaps they don't bother to implement a proper code-signing system on their keyboard microcontrollers (it would be prohibitively expensive probably).

Reply Parent Score: 2