About This File
The security posture of a computer can be adversely affected by poorly-designed devices on its USB bus. Many modern embedded devices permit firmware to be upgraded in the field and the use of low-cost microcontrollers in these devices can make it difficult to perform the mathematical operations needed to verify a crypto-graphic signature. The security of many of these upgrade mechanisms is very much in question. For a concrete example, we describe how to tamper with a firmware upgrade to the Apple Aluminum Keyboard. We describe how an attacker can subvert an off-the-shelf keyboard by embedding into the firmware malicious code which allows a rootkit to survive a clean re-installation of the host operating system.
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now