Re: [qubes-users] Re: USB Keyboard thoughts...
On Tuesday, 12 December 2017 16:24:16 CET cooloutac wrote: > well I'm no expert but with ps/2 keyboard it will be the only thing > attached, unlike usb which can have multiple devices on same controller, > spoofed as other devices. Is there a better option? The attack modes are two very different ones. Taiidan is thinking about someone coming in, installing a snooping device and waiting for you to type something critical. In contrary your ps2 solution is one which protects against people at any time entering your OS through compromised (usb) hardware. Either by giving you a pen, or entering the pen themselves. It seems that if you drop usb pens in the parking lot of a mall or company, you have a very very high chance some unsuspecting person will insert it in their machine. With the amount of bad USB drivers in the linux tree (not to mention in Windows) this is a worrying attack allowing the machine to be rooted without the attacker even being physically present. sys-usb limits this attack. > USB to ps/2 adapter works, i apologize if it is a too simple and > practical cheap solution. If you are oldschool you probably have some > laying around the house. I think thats a great solution for the more common attack. -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2076848.empXumHRCm%40strawberry. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: USB Keyboard thoughts...
On Monday, December 4, 2017 at 11:09:24 PM UTC-5, tai...@gmx.com wrote: > On 12/04/2017 07:31 PM, cooloutac wrote: > > > I use a usb to ps2 adapter for my keyboard. > I assume with the mistaken impression that PS/2 is more secure for some > reason - for the record it sends your keystrokes out on the ground wire. what? well I'm no expert but with ps/2 keyboard it will be the only thing attached, unlike usb which can have multiple devices on same controller, spoofed as other devices. Is there a better option? USB to ps/2 adapter works, i apologize if it is a too simple and practical cheap solution. If you are oldschool you probably have some laying around the house. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/66ba1747-3212-4001-8bf2-97eeae913644%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: USB Keyboard thoughts...
On 12/05/2017 05:09 PM, taii...@gmx.com wrote: > On 12/04/2017 07:31 PM, cooloutac wrote: > >> I use a usb to ps2 adapter for my keyboard. > I assume with the mistaken impression that PS/2 is more secure for > some reason - for the record it sends your keystrokes out on the > ground wire. > Sends keystrokes out? To where? Inquiring minds request further information / references! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/15ea3f01-e90f-6db4-69e8-d4bd452a45ef%40fastmail.fm. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: USB Keyboard thoughts...
On 12/04/2017 07:31 PM, cooloutac wrote: I use a usb to ps2 adapter for my keyboard. I assume with the mistaken impression that PS/2 is more secure for some reason - for the record it sends your keystrokes out on the ground wire. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8f2ce442-a6d0-4100-b956-d24196455340%40gmx.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: USB Keyboard thoughts...
I use a usb to ps2 adapter for my keyboard. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d4ed6f0f-320b-48c8-8f5e-a22c01652827%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: USB Keyboard thoughts...
W dniu niedziela, 3 grudnia 2017 06:29:51 UTC+1 użytkownik tai...@gmx.com napisał: > I would consider purchasing one of unicomps excellent mechanical > keyboards, they don't have re-writable firmware so a malicious computer > can't install a virus (unlike most keyboards) and they are also made in > america thus much more trustworthy. > > Truly a pleasure to type on, they are made with the original IBM Model M > tooling. Try Bathroom Epiphanies. These are replacement keyboard controllers for select mechanical keyboards. Fully open source, fully open hardware. Allow full control over the keyboard and the code that it runs. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/df757748-f106-4c03-855b-2be873aeb294%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: USB Keyboard thoughts...
I would consider purchasing one of unicomps excellent mechanical keyboards, they don't have re-writable firmware so a malicious computer can't install a virus (unlike most keyboards) and they are also made in america thus much more trustworthy. Truly a pleasure to type on, they are made with the original IBM Model M tooling. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a8c34cb4-2bba-020c-a581-233884374f91%40gmx.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: USB Keyboard thoughts...
W dniu piątek, 1 grudnia 2017 19:10:07 UTC+1 użytkownik Matty South napisał: > I love the Qubes project! I've been thinking of ways to improve the security > when it comes to USB Keyboards. > > I'm sure a lot of us who use Qubes as our day-to-day OS have a nice keyboard > attached to the system. Upon plugging in the USB keyboard for the first time, > I rightfully got a security warning about the implications of passing USB > Keyboard input into dom0 (think USB Rubber Ducky attack among others). OK, > I'm on board so far. What surprises me is that I didn't just authorize THIS > keyboard to pass through to dom0, I have authorized *ANY* USB keyboard to > access dom0. I verified this with other keyboards and even a home-made Rubber > Ducky attack using a teensy. > > Curious, is there a reason why we don't restrict the authorized USB keyboard > based on USB Serial number or even VID or PID. Sure with PID/VID, a physical > attacker who knows your brand of keyboard could still pass through > keystrokes, but it would still up the bar a little for these style of > attacks. > > I'm on Version 3.2 so forgive me if this has been addressed in 4.0. > > Secondly, I don't want to be the guy begging for improvements, I would like > to contribute. Can anyone point me to a good place to start if I want to add > this feature? I'm thinking here maybe? > https://github.com/QubesOS/qubes-app-linux-usb-proxy All of these values can be forged by the attacker. You may want to try using udev rules to block all keyboards except the ones that were present during boot process. You'd lose the ability to use USB keyboard plugged into a live system but it would also force a potential attacker to reboot your machine in order to use a rubber ducky. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/153e0878-7269-472c-8ab4-993888e857dd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
