Marcus L. Rowland (ffutures) wrote,
Marcus L. Rowland
ffutures

Mac Keyboard security problem

Possibly of interest...

A large hole has been found in Mac security - basically, it's possible to hack the firmware of Mac keyboards to turn them into self-contained keyloggers. No hardware modification, and almost impossible to detect.

http://www.semiaccurate.com/2009/07/31/apple-keyboard-firmware-hack-demonstrated/

It looks like the easiest way to do this would be to borrow someone's keyboard for a minute, plug it into an iBook or something else running GDB, and go on your way rejoicing. No need to touch the target computer itself (unless, I suppose, it's a bluetooth keyboard), so you don't need to log in. Reading how it works, I'm pretty sure you could adapt the idea to other operating systems, and use a PDA or something instead of a Mac-compatible.

As far as I know only Mac keyboards with flash memory etc. are vulnerable - PC keyboards don't have this as far as I know, most of their processing is done by the PC.
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

  • 11 comments