Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Apple Keyboards Vulnerable to Firmware Hack
08-02-2009, 11:44 PM,
#1
Apple Keyboards Vulnerable to Firmware Hack
Apple Keyboards Vulnerable to Firmware Hack
posted by Thom Holwerda on Sat 1st Aug 2009 18:22 UTC

Almost everything has a processor and/or memory chips these days, including keyboards. Apple's keyboards are no exception; they have 8Kb of flash memory, and 256 bytes of RAM. K. Chen has found a way to very easily install keyloggers and other possibly malicious code right inside these Apple keyboards (more here). Proof of concept code is here as well.

While 8Kb of flash memory and 256 bytes of RAM might not sound like a whole lot of space, it's enough for an intelligent coder to make use of, and for someone with malicious intent to abuse. K. Chen presented his findings at this year's Black Hat conference.

It's actually quite easy to abuse the memory and RAM in Apple keyboards, thanks to Apple's HIDFirmwareUpdaterTool, which is used to update the firmware in HID devices, among which is the Apple keyboard. "The tool is run, a breakpoint set, and then you simply cut and paste the new code into the firmware image in memory. That's it," SemiAccurate explains. Nothing is encrypted, decrypted, and it's all very simple to do. Resume the HIDFirmwareUpdaterTool, and a few seconds later, your keyboard is compromised. Rebooting won't help, you can't pull any batteries, and it's impossible to detect.

K. Chen demonstrated a rudimentary keylogger which would print the last five typed characters. There was 1Kb of free space left inside the keyboard, so you can store quite a few keystrokes. It wouldn't take much to do this remotely, using a compromised website, for instance.

<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/_81lHJQpc_Y"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/_81lHJQpc_Y" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>

"Apple needs to patch this problem ASAP. It is completely remotely exploitable, and almost impossible to remove, especially if you don't know it is there," SemiAccurate writes, "This huge hole that Apple has in it's hardware turns any remote exploit, Apple is full of them, into a huge security problem."

They would've told Apple about this, but the last few times when they called Apple in similar cases, the company didn't even return their calls. "Don't believe them when they try to spin this as minor, owning a keyboard gives you ownership of a system."

Chen can write a tool to lock down the firmware, he says, but he's waiting for a possible official solution from Apple before he attempts to do so. However, he is afraid that Apple will fix this in current and future versions of Mac OS X only, leaving the keyboards open to be attacked from other sources. The fix needs to be implemented at the hardware/firmware level, he says.

http://www.osnews.com/story/21933/Apple_Ke...o_Firmware_Hack
“Everything Popular Is Wrong” - Oscar Wilde
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
Video How did the NSA hack our emails? drummer 0 297 01-06-2014, 12:19 AM
Last Post: drummer
  Have you updated your printer firmware ? JFK 6 546 09-30-2013, 10:11 PM
Last Post: mexika
  Apple accused of $74bn US tax evasion mexika 1 451 05-22-2013, 06:02 AM
Last Post: fujiinn
  AntiSec obtained 12 Mil Apple device record by hacking FBI agent's laptop h3rm35 0 507 09-05-2012, 02:13 PM
Last Post: h3rm35
  Apple earnings surge on blow-out iPhone sales yeti 2 478 01-25-2012, 11:37 AM
Last Post: Hans Olo
Photo Microsoft vs. Apple Infographic Details Rivalry from Inception to Global Domination FastTadpole 0 559 06-24-2011, 04:44 AM
Last Post: FastTadpole
  Apple support company sues customer for complaining drummer 0 621 01-03-2011, 01:38 AM
Last Post: drummer
  EFF.org T-Shirt :: Things to Hack FastTadpole 0 2,829 07-24-2010, 01:12 AM
Last Post: FastTadpole
  Veil Lifts Slightly on Apple’s Secret Plan to Control the Universe h3rm35 0 411 03-10-2010, 09:50 PM
Last Post: h3rm35
  Update On The Firmware Update Conpspiracy! Weyland 0 539 11-11-2006, 12:45 PM
Last Post: Weyland

Forum Jump:


Users browsing this thread: 1 Guest(s)