Linked by Thom Holwerda on Sat 1st Aug 2009 18:22 UTC
Almost everything has a processor and/or memory chips these days, including keyboards. Apple's keyboards are no exception; they have 8Kb of flash memory, and 256 bytes of RAM. K. Chen has found a way to very easily install keyloggers and other possibly malicious code right inside these Apple keyboards (more here). Proof of concept code is here as well.
Thread beginning with comment 376565

Well, in that implementation you have to hit return a few times quickly to read the contents out, so you do have to have access to the keyboard to do anything with it.

But anyway, if I am at a point where I am already running arbitrary code on a user's machine, I think I would rather install a keylogger in software that has the capability to send the keystrokes directly to my server, rather than install a much crappier keylogger into their keyboard ;)

It's a cute hack but it's not really the end of the world.

Edited 2009-08-02 01:39 UTC

Score: 1

PlatformAgnostic

You're right that this isn't exactly the end of the world. But it isn't a totally unreasonable thing for a bored hacker to do IN ADDITION to installing a standard software keylogger. If the attack installs a firmware rootkit in the keyboard, it would be tough to know about and eradicate since even a totally clean install would not get rid of it.

On another note, I don't think we have any reason to believe that this problem applies solely to Apple. Other manufacturers probably also have firmware on their keyboards and perhaps they don't bother to implement a proper code-signing system on their keyboard microcontrollers (it would be prohibitively expensive probably).

Score: 2

darknexus

And code signing would be absolutely useless, seeing as how that signature would simply be duplicated. The thing about code signing is that it's only useful as long as the signature isn't reversed; as soon as it is, the signature might as well not even be there. On a software platform such as a typical PC or even a cell phone, this wouldn't be a big deal as the signature certificates could simply be updated in the background, but on a tiny embedded system it would be worse than useless even if they did bother to implement it. I doubt many would continuously update their keyboard firmware for new signatures, and it would be too risky to have firmware updates applied automatically without prompting in case the device was bricked due to a crash or loss of power.

Score: 2

bert64

If you were to install a hardware keylogger like this, how would you get the logs out of the system?
You'd still need a software component running in order to read the logs from the flash and transmit them away somewhere, and this software component would be just as vulnerable as a regular keylogger to being removed.

This just sounds like a clever idea in theory that provides no real benefit in practice.

Score: 1