  1. #1

    Theblacksheep's Avatar

    haha @ apple

    Just to reverse the trend of last week's little fun at Microsoft's expense, here's an exploit to insert keyloggers into Apple keyboards. You've gotta get Apple hardware!!

    SemiAccurate :: News for the Everygeek

    http://www.blackhat.com/presentation...Firm-PAPER.pdf

  2. #2

    SYNACK's Avatar
    This is so Apple, they bundle everything with their computers, viruses with iPods, keyloggers with keyboards. What next?

  3. #3


    This is scary stuff, very scary.

  4. #4

    Theblacksheep's Avatar
    Quote Originally Posted by kmount View Post
    This is scary stuff, very scary.
    Fear is multiplied by the amount of Macs you have and multiplied again by the integration with your network services.

  5. #5
    Batman's Avatar
    While the method is impressive, is it ever going to be easier for the hacker than using a traditional keylogger program?

    I'm slightly sceptical!

  6. #6

    Theblacksheep's Avatar
    Quote Originally Posted by Batman View Post
    While the method is impressive, is it ever going to be easier for the hacker than using a traditional keylogger program?
    Traditional keylogger requires physical access. Depends if that is easier or not.

  7. #7

    mac_shinobi's Avatar
    All USB keyboards are vulnerable. The blame here rests on the USB Device Firmware Update Specification [usb.org], which specifies how firmware updates are supposed to work. Hint: there's no security. The only reason this makes news at all is because it has the word "Apple" in the title.
    Spec compliant, secure: choose one. USB was designed for single user computers without security in mind. The only way to solve this (partially) with existing hardware would be to block access to hardware devices from applications running as non-root users, which is fundamentally contrary to the desire to get device drivers out of the kernel for stability. Short of that, this can only be solved by putting a more powerful CPU in the keyboard controller so that it can do a signature check on its own firmware.
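
A defender's inventory check for the claim in the post above, as an added example that is not part of the original thread: it walks a USB configuration descriptor and reports interfaces that advertise the DFU class (0xFE, subclass 0x01) and whether they accept firmware downloads. The descriptor bytes are constructed samples and the function names are hypothetical.

```python
# Added example; both descriptor blobs below are constructed samples.
DFU_CLASS, DFU_SUBCLASS = 0xFE, 0x01          # Application Specific / Firmware Upgrade
DT_INTERFACE, DT_CLASS_SPECIFIC = 0x04, 0x21  # 0x21 is HID *or* DFU functional

HID_IFACE = "09 04 00 00 01 03 01 01 00  09 21 11 01 00 01 22 3F 00  07 05 81 03 08 00 0A"
KEYBOARD_ONLY = bytes.fromhex("09 02 22 00 01 01 00 A0 32 " + HID_IFACE)
KEYBOARD_WITH_DFU = bytes.fromhex(
    "09 02 34 00 02 01 00 A0 32 " + HID_IFACE +
    " 09 04 01 00 00 FE 01 01 00"      # interface 1: class FE, subclass 01, runtime
    " 09 21 0B 00 FF 00 04 10 01")     # DFU functional descriptor, bmAttributes 0x0B


def walk_descriptors(blob):
    """Yield (bDescriptorType, raw bytes) for each descriptor in the blob."""
    pos = 0
    while pos < len(blob):
        length = blob[pos]
        if length < 2 or pos + length > len(blob):
            raise ValueError(f"malformed descriptor at offset {pos}")
        yield blob[pos + 1], blob[pos:pos + length]
        pos += length


def dfu_interfaces(blob):
    """Return one dict per interface that advertises USB DFU."""
    found, current = [], None
    for dtype, desc in walk_descriptors(blob):
        if dtype == DT_INTERFACE and len(desc) >= 9:
            current = None
            if (desc[5], desc[6]) == (DFU_CLASS, DFU_SUBCLASS):
                mode = {1: "runtime", 2: "dfu"}.get(desc[7], "unknown")
                current = {"interface": desc[2], "mode": mode, "can_download": None}
                found.append(current)
        elif dtype == DT_CLASS_SPECIFIC and current is not None and len(desc) >= 3:
            # Only meaningful after a DFU interface; the same type code under a
            # HID interface is the HID descriptor and must be ignored.
            current["can_download"] = bool(desc[2] & 0x01)  # bitCanDnload
    return found


if __name__ == "__main__":
    for name, blob in (("keyboard", KEYBOARD_ONLY), ("keyboard+dfu", KEYBOARD_WITH_DFU)):
        print(name, dfu_interfaces(blob))
```
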

  8. #8


    Quote Originally Posted by mac_shinobi View Post
    All USB keyboards are vulnerable. The blame here rests on the USB Device Firmware Update Specification [usb.org], which specifies how firmware updates are supposed to work. Hint: there's no security. The only reason this makes news at all is because it has the word "Apple" in the title.
    Spec compliant, secure: choose one. USB was designed for single user computers without security in mind. The only way to solve this (partially) with existing hardware would be to block access to hardware devices from applications running as non-root users, which is fundamentally contrary to the desire to get device drivers out of the kernel for stability. Short of that, this can only be solved by putting a more powerful CPU in the keyboard controller so that it can do a signature check on its own firmware.
    A link to this post in its original context - Slashdot Comments | Apple Keyboard Firmware Hack Demonstrated

    Should prove interesting in the next few days how this unfolds beyond Apple if such devices are as susceptible.

  9. #9

    ZeroHour's Avatar
    Quote Originally Posted by mac_shinobi View Post
    All USB keyboards are vulnerable. The blame here rests on the USB Device Firmware Update Specification [usb.org], which specifies how firmware updates are supposed to work. Hint: there's no security. The only reason this makes news at all is because it has the word "Apple" in the title.
    Spec compliant, secure: choose one. USB was designed for single user computers without security in mind. The only way to solve this (partially) with existing hardware would be to block access to hardware devices from applications running as non-root users, which is fundamentally contrary to the desire to get device drivers out of the kernel for stability. Short of that, this can only be solved by putting a more powerful CPU in the keyboard controller so that it can do a signature check on its own firmware.
    The guy beneath that says most don't have upgradable firmware. The fact nearly all Apple OS users will have one of these makes it easier to target than random luck of finding a Windows keyboard that lets it be exploited.

  10. #10
    Batman's Avatar
    Quote Originally Posted by Theblacksheep View Post
    Traditional keylogger requires physical access. Depends if that is easier or not.
    Nonsense... there must be trojans which can do that, surely?!

  11. #11

    Can't quite see how the firmware can be remotely compromised without some kind of user interaction, especially if the HIDFirmwareUpdaterTool has to run and no info is given on how a remote attacker might get access to the logged info remotely.

  12. Thanks to Tallwood_6 from:

    mac_shinobi (2nd August 2009)

  13. #12

    mac_shinobi's Avatar
    Video on YouTube, funnily enough they were using Windows and Notepad

    YouTube - Apple keyboard with evil firmware can root any computer: http://www.youtube.com/watch?v=_81lHJQpc_Y

    What would you do if it was a Logitech keyboard? Run for the hills?

    Also it's only 5 characters so not sure if that could be increased?
    Last edited by mac_shinobi; 2nd August 2009 at 06:39 PM.

  14. #13

    SYNACK's Avatar
    Quote Originally Posted by Tallwood_6 View Post
    Can't quite see how the firmware can be remotely compromised without some kind of user interaction, especially if the HIDFirmwareUpdaterTool has to run and no info is given on how a remote attacker might get access to the logged info remotely.
    The only reason they needed to demonstrate it this way is because of legal concerns. If they had compromised it any other way they would have been breaking DMCA laws and Apple would have had them eaten by their pet lawyers. This is the same company who sues people for finding bugs in their software and sues clients who get too talkative about product faults.
    Apple tries to silence owner of exploding iPod with gagging order
    Apple attempted to silence a father and daughter with a gagging order after the child’s iPod music player exploded and the family sought a refund from the company.
    The Times has learnt that the company would offer the family a full refund only if they were willing to sign a settlement form. The proposed agreement left them open to legal action if they ever disclosed the terms of the settlement.
    The case echoes previous circumstances in which Apple attempted to hush up incidents when its devices overheated.
    This exploit can be performed in a much easier way by just transparently uploading a new firmware into the keyboard. This would have required them to crack the encryption directly, not difficult but illegal under US law so they chose this method to display it. Actual criminals are not concerned with this though and can do it in more devious ways.

    Given the onboard memory capacity of the keyboard, 1KB, there is the possibility to store up to 1000 characters in the keyboard's memory without having to offload any of it to the system.

    Other systems like laptops of almost all brands offer built reprogrammable keyboards, just update the BIOS on an old HP to see this in action. The difference is that this reprogramming is done directly by the BIOS and brings up a message alerting the user. As it is not a USB system this exploit should not be possible. There are also so many differing versions that targeting it would be non-trivial.

    Apple's closed environment allows for targeted attacks to be more successful as you are talking about tens of devices not thousands.

    If this flaw was shown to affect Logitech devices there would still be concern and publicity but it is easier to swap out an external Logitech KB while the issue is fixed than an integrated laptop keyboard. As yet this flaw has not been seen to be exploited in the wild but there is still the possibility, especially with the code available. On a positive note Apple usually does patch these things once they have been rubbed in their faces.
    Last edited by SYNACK; 3rd August 2009 at 05:15 AM.

  15. Thanks to SYNACK from:

    Theblacksheep (4th August 2009)

  16. #14

    Theblacksheep's Avatar
    Quote Originally Posted by SYNACK View Post
    Apple's closed environment allows for targeted attacks to be more successful as you are talking about tens of devices not thousands.

    If this flaw was shown to affect Logitech devices there would still be concern and publicity but it is easier to swap out an external Logitech KB while the issue is fixed than an integrated laptop keyboard. As yet this flaw has not been seen to be exploited in the wild but there is still the possibility, especially with the code available. On a positive note Apple usually does patch these things once they have been rubbed in their faces.
    Rubbed in their faces to Apple means the front page of the BBC news site, not some kid at a hacker conference! I mean, look at the denial, it must be deafening at Apple!

    Still, instead of paying £50 for a new vulnerable iMac keyboard from Apple, I bet you can get some cheap ones on eBay at the moment!

  17. Thanks to Theblacksheep from:

    mac_shinobi (4th August 2009)

  18. #15

    mac_shinobi's Avatar
    Quote Originally Posted by Theblacksheep View Post
    Still, instead of paying £50 for a new vulnerable iMac keyboard from Apple, I bet you can get some cheap ones on eBay at the moment!
    You mean to say Logitech and other brands of keyboards are cheap and crud?

    Am sure Logitech top of the line equipment can't be less than £50

    I had the MX5000 desktop set (keyboard and mouse) for my P4 desktop machine and that was £80 something and is still great but just not compatible with my Mac because of the encryption and Logitech didn't make drivers / software for it
