[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Trojan Keyboard Driver (was Re: Viewing Current Password)
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Trojan Keyboard Driver (was Re: Viewing Current Password)
- From: "Rob Hines Jr." <rhines_(_at_)_joboptions_(_dot_)_com>
- Date: Mon, 11 Dec 2000 09:12:15 -0500
- Organization: JobOptions.com Network
Well...There are somethings that can be done. You could run some kind of app that
monitors keyboard connectivity, and if it fails, scramble the storage, or page
you, or any number of things. Even if a keyboard is 'dumb', that does not mean the
system has to be.
Run daemons that monitor your peripherals, that detect and respond to changes in
connectivity. The feds could have just as easily have tapped the system I/O, or
the drive cables, or the video cables, etc.. Ever heard of Tempest? They don't
even really need to hook anything to your computer to monitor it.
Physical security wins the day when you're trying to protect high security data.
Any schmuck can run strong crypto, and have a relatively secure net presence,
which means exactly d*ck when hackers and feds can break into your location and
gain access directly.
I've worked at places where servers were locked behind medco armoured doors, wired
into the alarm systems, that reacted to physical security access controls and
notified people religiously of changes in their environment and tampering (my boss
was a little paranoid). Access was limited to a select few terminals and only at
certain times with smart cards and other means of authentication. Still there were
ways around it.
There is no such thing as a totally secure system, at all. The most safe data
storage is in your head, everything else is vulnerable according to it's value.
But, if you keep it in your head, how safe are you?
Al Lipscomb wrote:
> > The gist is -- keyboards are dumb. They need to be smart. Putting a
> > cryptosystem atop the protocol between keyboard and computer would
> > defeat this particular attack (it sounds like they used the commercial
> > keyghost device ;) if the cryptosystem were strong enough. If the
> > keyboard had a smart card reader, and could interface with the smart
> > card to retrieve a session key shared between the smart card and
> > computer host (either using public key encryption, or some very crafty
> > symmetric algorithm :) then one would know the cable is safe. If the
> > decryption is done by the cpu, that would make attacks against the
> > mother board much more difficult.
> If they have control of the hardware there is almost nothing you are going
> to do that will prevent them from getting into the data. You must be able
> to maintain physical control of the hardware to even begin to be safe. Instead
> of a smart card to provide a key you would want to move the message to a PDA
> for decryption.
> A thought would be to write a java applet that would display a random keyboard
> and let you type your password in with a mouse.
Rob Hines Jr.
Visit your host, monkey.org