0
7

[–] carlinco 0 points 7 points (+7|-0) ago 

TBH, true security would only be possible if people started producing their own computers (and equipment to make them). Kind of like open source software, but with advanced 3d-printing.

But even then, it would not be difficult to fool someone by replacing an item with one that looks exactly the same, or by injecting something into the blueprints which would be hard to find (see how often this happens even to open source software under public scrutiny).

As it is, be vigilant, punish companies that get caught breaching your privacy by purchasing somewhere else, and take apart the stuff you quit using to find out at least after the fact if anyone is onto your secret stash of bitcoins...

0
6

[–] Firevine 0 points 6 points (+6|-0) ago 

I guess I'll stick to these ancient keyboards I pick up second hand that I love so much.

0
0

[–] B3bomber ago 

Downside: newer motherboards tend to not have PS/2 ports and only have USB ports. The newest one I have does not have any PCI slots, just PCI-E. There will come a point when that is no longer an option:(

0
0

[–] Firevine ago 

I suppose I could use adapters, but DIN5 to USB are a pain in the ass, and who knows what might be installed onto those chipsets.

0
11

[–] DrBunsen 0 points 11 points (+11|-0) ago 

So it is time for openhardware keyboards/mice

[–] [deleted] 0 points 2 points (+2|-0) ago  (edited ago)

[Deleted]

0
1

[–] DrBunsen 0 points 1 point (+1|-0) ago 

Yeah, never trust the stuff you use.

And I am interested in an open keyboard, as I am in all open things. Thanks

0
6

[–] Lopsid [S] 0 points 6 points (+6|-0) ago 

Yes Doctor. I believe this is the last step in total security and privacy. Although we'll still have to watch for unencrypted wireless, sound, and other noises or traces.

0
19

[–] tame 0 points 19 points (+19|-0) ago 

USB devices are a massive infection vector. There've been all sorts of hijinks like sending people promotional freebie mice which also present as keyboards and run keboard commands when plugged in.

Take a look at these things: https://www.offensive-security.com/offsec/advanced-teensy-penetration-testing-payloads/

Basically if someone wants to get onto your system and is skilled enough, you won't stop them.

3
5

[–] Kal 3 points 5 points (+8|-3) ago  (edited ago)

The Teensy would target Windows machines only.

This is sort of what I figured. How is Linux going to give a fuck about anything a keyboard wants to do besides input keystrokes? M$ will probably play ball for what the NSA wants devices to do, but to my knowledge, open source doesn't give two shits about all these issues you guys on windows are concerned with.

0
0

[–] kltpzyxm ago  (edited ago)

Thats not at all how it works. If it reads as a generic usb device then it doesnt matter what operating system the host operating system uses, all commands will be passed and executed as though they're coming from a legitimate user typing away on the keyboard.

And as for the Teensy itself, its pretty much the defacto standard for home brew keyboards and game controllers because there are several fully functional open source firmware packages available for it. It also works on all operating systems.

As for injecting data, all you have to do is spoof the real keyboard and the os doesnt even realize theres a second transmitter.

1
7

[–] 2716057 1 point 7 points (+8|-1) ago 

This is not what they mean. Microsoft-branded keyboards and mice all use the same (lack of) encryption, so this device can snoop on the transmission between the keyboard and USB dongle.

The firmware you're using on your computer (Linux, OSX, BSD, etc.) is irrelevant. You could use a Microsoft keyboard on a Linux machine, and the Teensy would still pick it up.