That would be my guess, Apple these days uses a lot of the same chips under the hood as it’s competitors, (ok, all the same chips now) – as such I’d not be surprised to find out other USB keyboards are at risk. The fix needs to be implemented at the hardware/firmware level, he says.
#Apple keypad incase mac os x
However, he is afraid that Apple will fix this in current and future versions of Mac OS X only, leaving the keyboards open to be attacked from other sources. “Don’t believe them when they try to spin this as minor, owning a keyboard gives you ownership of a system.”Ĭhen can write a tool to lock down the firmware, he says, but he’s waiting for a possible official solution from Apple before he attempts to do so. They would’ve told Apple about this, but the last few times when they called Apple in similar cases, the company didn’t even return their calls. It is completely remotely exploitable, and almost impossible to remove, especially if you don’t know it is there,” SemiAccurate writes, “This huge hole that Apple has in it’s hardware turns any remote exploit, Apple is full of them, into a huge security problem.” It wouldn’t take much to do this remotely, using a compromised website, for instance. There was 1Kb of free space left inside the keyboard, so you can store quite a few keystrokes. Chen demonstrated a rudimentary keylogger which would print the last five typed characters. Rebooting won’t help, you can’t pull any batteries, and it’s impossible to detect. Resume the HIDFirmwareUpdaterTool, and a few seconds later, your keyboard is compromised.
Nothing is encrypted, decrypted, and it’s all very simple to do.
“The tool is run, a breakpoint set, and then you simply cut and paste the new code into the firmware image in memory. It’s actually quite easy to abuse the memory and RAM in Apple keyboards, thanks to Apple’s HIDFirmwareUpdaterTool, which is used to update the firmware in HID devices, among which is the Apple keyboard. Chen presented his findings at this year’s Black Hat conference. While 8Kb of flash memory and 256 bytes of RAM might not sound like a whole lot of space, it’s enough for an intelligent coder to make use of, and for someone with malicious intent to abuse.
#Apple keypad incase install
Chen has found a way to very easily install keyloggers and other possibly malicious code right inside these Apple keyboards ( more here). Apple’s keyboards are no exception they have 8Kb of flash memory, and 256 bytes of RAM.
Almost everything has a processor and/or memory chips these days, including keyboards.
0 kommentar(er)
