You are viewing a single comment's thread.

view the rest of the comments →

3
5

[–] Kal 3 points 5 points (+8|-3) ago  (edited ago)

The Teensy would target Windows machines only.

This is sort of what I figured. How is Linux going to give a fuck about anything a keyboard wants to do besides input keystrokes? M$ will probably play ball for what the NSA wants devices to do, but to my knowledge, open source doesn't give two shits about all these issues you guys on windows are concerned with.

1
7

[–] 2716057 1 point 7 points (+8|-1) ago 

This is not what they mean. Microsoft-branded keyboards and mice all use the same (lack of) encryption, so this device can snoop on the transmission between the keyboard and USB dongle.

The firmware you're using on your computer (Linux, OSX, BSD, etc.) is irrelevant. You could use a Microsoft keyboard on a Linux machine, and the Teensy would still pick it up.

0
3

[–] Kal 0 points 3 points (+3|-0) ago 

so this device can snoop on the transmission between the keyboard and USB dongle.

Ahh, you're talking about a wireless keyboard. I suppose that's plausible if there was a target they wanted to snoop on. They could get within wireless range, which could be tricky.

I don't see how the info could just phone home over the internet, however (which is what I thought you meant.)

Opening a Windows command prompt is the foundation for all our attacks.

Teensy seems to be all about windows from the skimming of the artice I've done.

[–] [deleted] 1 point 0 points (+1|-1) ago  (edited ago)

[Deleted]

0
0

[–] kltpzyxm ago  (edited ago)

Thats not at all how it works. If it reads as a generic usb device then it doesnt matter what operating system the host operating system uses, all commands will be passed and executed as though they're coming from a legitimate user typing away on the keyboard.

And as for the Teensy itself, its pretty much the defacto standard for home brew keyboards and game controllers because there are several fully functional open source firmware packages available for it. It also works on all operating systems.

As for injecting data, all you have to do is spoof the real keyboard and the os doesnt even realize theres a second transmitter.

0
0

[–] Kal ago 

So linux would just let 'generic usb device' do whatever it wants such as phoning home a log stored on the keyboard hardware itself? How would it even know how to interact with generic usb device? I am pretty ignorant about how exactly Linux would handle an unknown usb device like this, but as far as I understand, it simply wouldn't work until code was written on how to interact with it. Wouldn't Linux devs be asking themselves why the fuck a keyboard wants to phone home?