On Sun, Jul 09, 2006 at 04:22:29PM +0200, Peter Philipp wrote:
> On Sun, Jul 09, 2006 at 03:08:19PM +0200, Joachim Schipper wrote:
> > On Sun, Jul 09, 2006 at 02:25:12PM +0200, Peter Philipp wrote:
> > > I know that wireless keyboards have built-in encryption, but do wired
> > > keyboards or specifically USB keyboards exist that encrypt the typed
> > > input for the USB bus?
> > >
> > > I suspect something like public key encryption on the keyboard which
> > > choses a
> > > random key for the key-input and exchanges it securely with the
> > > operating system. Does it exist?
> >
> > The most sensible implementation of what you want is a laptop + ssh, I
> > suppose.
> >
> > I am not aware of any keyboard of the sort you describe, nor do I see
> > the use of such a thing. Seriously, what are you trying to protect
> > against? Hardware keyloggers?
>
> Exactly. Evil external USB Hubs, or other USB hardware that has access
> to a USB bus. You already know I'm paranoid, but consider when technology
> allows it *someone* is gonna make something of the sorts, and it's
> responsiblity of the industry to protect everyone from that.
Companies have very little responsibilities. (And let's not go into
discussions about alternate economical systems here.)
If you are paranoid about the USB bus, which might be justified in some
cases, why not choose the most obvious solution? Alternately, I'm fairly
sure USB->PS2 converters can be found *somewhere*.
Also, it's a well known truth of computer security that physical access
makes (almost) all security measures irrelevant.
> I'm not
> wrong in this, or am I confusing a wicked world with a wonderland that
> treats everyone fairly regardless of their political, social, race, sex
> or religious status?
You are, possibly, confusing a world in which people are out to get you
with one where (most of) the rest of the world doesn't particularly care
what happens to you. I'm not saying we're living in a wonderland, but
it's highly unlikely someone will invest the time to bug your keyboard.
> > It should be possible, but it's not necessarily easy. Again, is there a
> > point? Just map it something exotic in software (kbd(8) might help) if
> > that's what you want, no need to do in hardware what can be done in
> > software.
>
> Well I'm more or less wondering if anyone has ever done it. I'm looking
> for experiences here. If I rewire my keyboard that's my business (I did
> buy it after all, it is not partially owned by any government, corporation, or
> other entity, not even god, it's mine and I shall do with it as I wish) and I
> suspect rewriting the keyboard mapping in the kernel isn't all that hard.
This shouldn't be too hard, given suitable electronics (probably
something old and very heavy should be favoured if you really want to go
ahead) and some coding experience, but what's the point? Someone with a
little skill will soon figure out that two characters followed by
<enter> is most likely 'ls'; this quickly leads to discovering what ' '
is, and so on. A simple substitution cipher isn't particularly hard to
defeat.
The suggestion above - laptop+ssh - was not a joke; it would actually do
most of what you want, without requiring you to disassemble an -
apparently - favoured keyboard with unpredictable results.
Joachim
