We can't trust manufacturers not to build keyboards with undetectable hardware keyloggers now and in the future because the NSA has plenty of money. I say this idea isn't new to them at all and I hope that people in the future will keep taking the different models apart to hack around.
Keyloggers inside everyone's keyboard could be useful to the NSA and FBI who could pay companies to bake them in. When you're suspected of a serious crime for example or you get into serious trouble, you could get your storage devices taken away. Encrypted or not, your keyboard could then reveal passwords if it's the correct model. This even breaks forward secrecy. These tiny computers inside keyboards meant to control light flashing, sound, card reading, and more could possibly also control which keys to record and what to throw away based on repetition... if the keylogger's space is limited. Keylogger functionality can be massive, they can use compression or run through the text file it generated over the years, keep one copy of repeated phrases, and throw away the rest. An attacker could possibly talk to your keyboard through your computer if it runs systemd or Windows assuming the interface to the keylogger can be that convenient.
view the rest of the comments →
[–] Lopsid [S] 0 points 1 point 1 point (+1|-0) ago
That sounds realistic because with GNU+Linux, no downloaded file is executable unless you set it to be executable. I'm not sure what would happen if you write a program that sets other files as executable. That could be the exception here. But who cares? If you download a virus that sets files as executable, it's not going to run and what kind of idiot is going to write a program that sets downloaded files as executable? I think Windows machines get infected mostly because downloaded files are allowed to run when double-clicked or something.
[–] noblefool 0 points 1 point 1 point (+1|-0) ago
I love chmod.
Actually it's all about execution context and privileges. In Linux, almost nothing runs with elevated privileges. You have to actually give it explicit instructions to elevate privileges. In Windows, everything runs with the highest available level of privileges, and thus is far easier to compromise.