Sunday, August 16, 2009

Apple Keyboard Secret Keystroke Logger

Translation...
Keystroke logging software may be inserted directly into some keyboards. A physical inspection won't find it. Reloading your system software won't destroy it.


"The security posture of a computer can be adversely affected by poorly-designed devices on its USB bus. Many modern embedded devices permit firmware to be upgraded in the field and the use of low-cost microcontrollers in these devices can make it difficult to perform the mathematical operations needed to verify a cryptographic signature. The security of many of these upgrade mechanisms is very much in question. For a concrete example, we describe how to tamper with a firmware upgrade to the Apple Aluminum Keyboard. We describe how an attacker can subvert an off-the-shelf keyboard by embedding into the firmware malicious code which allows a rootkit to survive a clean re-installation of the host operating system." K. Chen - Georgia Institute of Technology (more)