Security Blog

Your source for information security news and views.

Apple Keyboard Exploit a Concern?

Posted by: Kyle Deming

Tagged in: hack

Apple keyboards are vulnerable to a hack that puts keyloggers and malware directly into the keyboard's firmware. This could be a serious problem, and now that the presentation and code are out there, the bad guys will surely be exploiting it.

The vulnerability was discovered by K. Chen, who presented it at Black Hat this year. The concept is simple: a modern Apple keyboard has about 8K of flash memory and 256 bytes of working RAM. For a capable attacker, that is more than enough space to have a field day.

I wouldn't lose sleep over this or get worked up about Black Hat demonstrations. Compensating controls that continue to provide security in depth in this case would include network and host IDS/IPS so that the keystroke log files might be found stored on the host or being transmitted out of the enterprise. In the case of a shared public lab, like the university cited, the common safeguard is to wipe and rebuild each machine on a daily basis.

I'd agree that this is another serious vulnerability that should help heighten our awareness of the potential dangers. 

The biggest danger I see in information assurance today is the belief that only good guys are finding these holes and the belief that sharing them at Black Hat educates the bad guys.

Anybody who has spent more than 10 minutes following the current exploits in the wild understands that the folks behind Conficker or the theft of the F35 designs are very, very competent. They don't need Black Hat demos to find opportunities. They're finding more and better exploits on their own.

We need the demos to help wake up and inform management as to what we're up against and how insanely insecure many systems are today.

The Twitter DDoS, F35 design theft, multi-million node botnets, massive penetration of our power grid and 90% of all email being malicious (I consider all fraudulent mail, including spam, as malicious) should be enough of a wake-up call, but it doesn't seem to penetrate.


Ken Kousky