I know that wireless keyboards have built-in encryption, but do wired keyboards
or specifically USB keyboards exist that encrypt the typed input for the USB
bus?

I suspect something like public key encryption on the keyboard which choses a
random key for the key-input and exchanges it securely with the
operating system. Does it exist?

I'm currently using a macally USB keyboard (for macs) on both my amd64 and
macppc (unplugging it / plugging it when I change computers), and it feels
great on the hands/fingers but the USB communication isn't encrypted I suspect.
The keyboards case is seethrough and I can see the circuits to the keys, as
well as the built-in USB hub. Has anyone ever opened one of these and
modded the keyboard to change the mapping of the keys? Is easily done?

Here is the dmesg of the keyboard:

Jun 28 18:40:58 neptune /bsd: uhub3: ALCR macally Kbd Hub, rev 1.10/1.00, addr 3
Jun 28 18:40:58 neptune /bsd: uhub3: 3 ports with 2 removable, bus powered
Jun 28 18:40:58 neptune /bsd: uhidev1 at uhub3 port 1 configuration 1 interface 0
Jun 28 18:40:58 neptune /bsd: uhidev1: ALCR macally Kbd Hub, rev 1.10/1.00, addr 4, iclass 3/1
Jun 28 18:40:58 neptune /bsd: ukbd0 at uhidev1: 8 modifier keys, 6 key codes
Jun 28 18:40:58 neptune /bsd: wskbd1 at ukbd0 mux 1
Jun 28 18:40:58 neptune /bsd: wskbd1: connecting to wsdisplay0

regards,
-peter

Sun, Jul 09, 2006 at 03:08:19PM +0200, Joachim Schipper wrote:
Sun, Jul 09, 2006 at 02:25:12PM +0200, Peter Philipp wrote:
I know that wireless keyboards have built-in encryption, but do wired
keyboards or specifically USB keyboards exist that encrypt the typed
input for the USB bus?

I suspect something like public key encryption on the keyboard which choses a
random key for the key-input and exchanges it securely with the
operating system. Does it exist?

The most sensible implementation of what you want is a laptop + ssh, I
suppose.

I am not aware of any keyboard of the sort you describe, nor do I see
the use of such a thing. Seriously, what are you trying to protect
against? Hardware keyloggers?

Exactly. Evil external USB Hubs, or other USB hardware that has access
to a USB bus. You already know I'm paranoid, but consider when technology
allows it *someone* is gonna make something of the sorts, and it's
responsiblity of the industry to protect everyone from that. I'm not
wrong in this, or am I confusing a wicked world with a wonderland that
treats everyone fairly regardless of their political, social, race, sex
or religious status?

<snip regarding macally keyboard>

It should be possible, but it's not necessarily easy. Again, is there a
point? Just map it something exotic in software (kbd(8) might help) if
that's what you want, no need to do in hardware what can be done in
software.

Joachim

Well I'm more or less wondering if anyone has ever done it. I'm looking
for experiences here. If I rewire my keyboard that's my business (I did
buy it after all, it is not partially owned by any government, corporation, or
other entity, not even god, it's mine and I shall do with it as I wish) and I
suspect rewriting the keyboard mapping in the kernel isn't all that hard.

regards,
-peter

Sunday, July 9, 2006, 10:22:29, Peter Philipp wrote:
Sun, Jul 09, 2006 at 03:08:19PM +0200, Joachim Schipper wrote:
>
>I am not aware of any keyboard of the sort you describe, nor do I see
>the use of such a thing. Seriously, what are you trying to protect
>against? Hardware keyloggers?
>
Exactly. Evil external USB Hubs, or other USB hardware that has access
to a USB bus. You already know I'm paranoid, but consider when technology
allows it *someone* is gonna make something of the sorts,

They're already available

for PS2 keyboards

for USB keyboards

Sun, Jul 09, 2006 at 06:01:43PM +0200, Joachim Schipper wrote:

You are, possibly, confusing a world in which people are out to get you
with one where (most of) the rest of the world doesn't particularly care
what happens to you. I'm not saying we're living in a wonderland, but
it's highly unlikely someone will invest the time to bug your keyboard.

Well, it's very hard to say that someone isn't trying to bug his
keyboard. It might be a valid concern. However, if someone *is* then you
have to look at all the other possibilities as well. A small audio bug
can be enough to pick up key clicks, and some interesting work has been
done in reconstructing input based on inter-key timing. The better
typist you are, the better it works. That's one small example. What
about the many, many others given physical access to the environment?

I'm not saying that anyone should forget about securing their computer
and environment, just that if you're going to consider a new area to
secure, you should think about all the other ways an attacker with such
access might glean information.

People with unquestioned need to secure their environment choose to
create a physically secure area, rather than try to allow free access
and secure individual components from tampering. It's cheaper. It's also
more effective since it also prevents the placing of surveillance
equipment *without* tampering with legitimate equipment, and prevents
tampering with some component you haven't thought about yet.

Sun, Jul 09, 2006 at 06:01:43PM +0200, Joachim Schipper wrote:
Well I'm more or less wondering if anyone has ever done it. I'm looking
for experiences here. If I rewire my keyboard that's my business (I did
buy it after all, it is not partially owned by any government, corporation, or
other entity, not even god, it's mine and I shall do with it as I wish) and I
suspect rewriting the keyboard mapping in the kernel isn't all that hard.

This shouldn't be too hard, given suitable electronics (probably
something old and very heavy should be favoured if you really want to go
ahead) and some coding experience, but what's the point? Someone with a
little skill will soon figure out that two characters followed by
<enteris most likely 'ls'; this quickly leads to discovering what ' '
is, and so on. A simple substitution cipher isn't particularly hard to
defeat.

yes I don't deny that, however I'm more or less trying to get around
easter eggs in USB key loggers that break devices when they detect a certain
key sequence, by either being the devices themselves that break, or overloading
a device with high current if the monitoring device is a hub. Another thing
they could do is try to contact a LAN device on the same USB bus and attempt
to send a packet out to an Internet host. Surely later analysis of key
logs can reconstruct UNIX commands if they were simply scrambled by rewiring
the keyboard, but real-time investigation may not.

The suggestion above - laptop+ssh - was not a joke; it would actually do
most of what you want, without requiring you to disassemble an -
apparently - favoured keyboard with unpredictable results.

Yeah, I already use my iBook as console (believe it or not the iBook consumes
less power than my 17" LCD monitor which consumes ~150 Watts), but an external
keyboard is very comfortable as I can put my feet up without putting the
thing on my lap and the keys are spaced wider apart for more comfortable typing.
Another bonus is that I know that I'm not wearing out the keys on the iBook,
as I've actually lost/broken a few keys before, thanks to a servicing site in
Toronto they replaced a "control" key with an "alt/option" key though.
disadvantage having the macally on the iBook is when you want to break into
DDB from console you have to use the native iBook keyboard (after entry into
ddb surprisingly only the USB keyboard will work :P)

Joachim

regards,
-peter

Sun, Jul 09, 2006 at 09:38:21AM -0700, Darrin Chandler wrote:
Well, it's very hard to say that someone isn't trying to bug his
keyboard. It might be a valid concern. However, if someone *is* then you
have to look at all the other possibilities as well. A small audio bug
can be enough to pick up key clicks, and some interesting work has been
done in reconstructing input based on inter-key timing. The better
typist you are, the better it works. That's one small example. What

Would mixing keyboard noises at random into your music / external speaker
at random be a useful countermeasure against that?

about the many, many others given physical access to the environment?

I'm not saying that anyone should forget about securing their computer
and environment, just that if you're going to consider a new area to
secure, you should think about all the other ways an attacker with such
access might glean information.

Pretend you're travelling with a zaurus like device and you take an external
USB keyboard with you including a USB hub and ****loads of little USB devices
that you can then use in the hotel room or hostel common room (I've actually
seen a Swede have such a setup at a hostel in ). If you're in a
foreign country and all of a sudden the USB hub blows up. You go out to buy
a new one at the nearest computer store and they have bugged equipment you're
up ****s creek.

People with unquestioned need to secure their environment choose to
create a physically secure area, rather than try to allow free access
and secure individual components from tampering. It's cheaper. It's also
more effective since it also prevents the placing of surveillance
equipment *without* tampering with legitimate equipment, and prevents
tampering with some component you haven't thought about yet.

Yeah well, if someone has a key to my apartment they can pet my computers
including swap USB devices, and they can do it quite easily, and if it looks
the same I probably wouldn't know a diff. It probably doesn't make sence
to spy on an open source developer since they likely will release the source
for free anyhow, however in the movie "antitrust" they did. And movies for
some reason either shape behaviour or are a reflection of behaviour in the
real world. Anyhow finding out that your devices are tampered with or, have
spy functionality, or easter eggs, _after the fact_ is too late. Pro-activity
to securing this stuff is key.
-peter

Sun, Jul 09, 2006 at 07:21:33PM +0200, Peter Philipp wrote:
Sun, Jul 09, 2006 at 09:38:21AM -0700, Darrin Chandler wrote:
have to look at all the other possibilities as well. A small audio bug
can be enough to pick up key clicks, and some interesting work has been
done in reconstructing input based on inter-key timing. The better
typist you are, the better it works. That's one small example. What

Would mixing keyboard noises at random into your music / external speaker
at random be a useful countermeasure against that?

Sounds like a good research topic, but I suspect it would foil attempts
in the short run only.

Pretend you're travelling with a zaurus like device and you take an external
USB keyboard with you including a USB hub and ****loads of little USB devices
that you can then use in the hotel room or hostel common room (I've actually
seen a Swede have such a setup at a hostel in ). If you're in a
foreign country and all of a sudden the USB hub blows up. You go out to buy
a new one at the nearest computer store and they have bugged equipment you're
up ****s creek.

, this is certainly a different concern than the one I addressed.
Protecting yourself from equipment bugged prior to purchase? Hmm

Sun, Jul 09, 2006 at 09:17:00PM +0200, Peter Philipp wrote:
Sun, Jul 09, 2006 at 08:22:10PM +0200, Tobias Ulmer wrote:
Encrypting data from the keyboard is also not a real option,
because you need a shared secret (or something like hostkeys, how do
you know that the usb sniffer can't do MITM attacks?). The keyboard
needs to be pretty "intelligent" to do that.

Uhm I think I did say public key encryption right? Where exactly is a
shared secret needed in this?

Public encryption isn't magic. The keyboard needs a way to tell you
something like this: Hey, you've pluged me into this unknown computer,
it says his hostkey is 0xdeadbeed. Are you sure you want me to talk to
this computer?
Then you are like: Yes, the computer has this exact hostkey and
no MITM attack took place, accept this computer.

From now on, everything is encrypted and ok. However, if you don't trust
hub's, do you trust your keyboard? Remember, it needs to have a small
processor built in that can do SSL and stuff. A keylogger shouldn't
increase the costs on such a powerful thing.

Rewiring the keys , you get something like a rot13 encryption,
anybody can figure that out.

Yeah but it works against devices that are confident that everything has
rot26 encryption. And if you can "mod" your keyboard in 10 minutes for
nothing at all, except perhaps a 2 euro plug for the cables, why not?

No it doesn't. If a keycode is 1 Byte (just a assumption), you have 256
possible keys (far less in reality). It takes few minutes on a 486 to
brute-force the key against a small list of common unix commands. Don't
even think about a modern P4 oder AMD64.
Sure it's something but i wouldn't call it secure.

Anyway, the electromagnetic radiation(?) is probably so high that
nobody bothers with usb sniffers. I know it was possible to see a good
image of a crt in about 25m distance by just amplifying the signal back
in '96 (I was interested in building mini-bugs and have a few books
about the technology available to this time).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right?

I like this idea, you can't fsck with it easily, the keyboard could be
shielded nice. And the electronics don't necesarily need to be
complex and powerful (IR should do it, no need for a laser diode).

Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Depends on your needs. If want to protect against a casual attacker, it
may just be enough, but it's wasted time if some TLA tries to shut
down your international muslim terrorist attack planing mailinglist server
somewhere in russia good luck ;)

Btw: i highly doubt that "encrypted" wireless keyboards are implemented
in such a way that it's secure to use them. I don't have one and no
equipment to check, but experience teaches that the industry doesn't
come up with secure solutions for the consumer market (or only after
millions of people have complained and demonstrated that it's insecure,
see the WEP desaster)

Tobias

The only practical solution i can see is using a laptop with good
shielding and build a grounded copper case arround it. Make sure that
there is no HF going out on any cables, no external devices etc.
To meassure that the stuff really works, you may need an oscilloscope

Not everyone likes laptops.

I think the best is not to rely on encryption of hardware at all and
consider everything 'buged'. The only 'secure' thing is ram and the cpu.
Don't have a firewire port in your computer, it allows access to any
memory location [2].

That's not a guarantee. But little change by little change will isolate
insecurities until a system is secure, right? (didn't somene coin the
phrase "security is a process"?)

Tinfoil hat linux [3] is worth a look (There are more interresting links
on that page)

Still paranoid? ;)

[snip]

Tobias

[1]

[2]

[3] http://tinfoilhat.shmoo.com/

regards,
-peter

Sun, Jul 09, 2006 at 08:22:10PM +0200, Tobias Ulmer wrote:
Encrypting data from the keyboard is also not a real option,
because you need a shared secret (or something like hostkeys, how do
you know that the usb sniffer can't do MITM attacks?). The keyboard
needs to be pretty "intelligent" to do that.

Uhm I think I did say public key encryption right? Where exactly is a
shared secret needed in this?

Rewiring the keys , you get something like a rot13 encryption,
anybody can figure that out.

Yeah but it works against devices that are confident that everything has
rot26 encryption. And if you can "mod" your keyboard in 10 minutes for
nothing at all, except perhaps a 2 euro plug for the cables, why not?

Anyway, the electromagnetic radiation(?) is probably so high that
nobody bothers with usb sniffers. I know it was possible to see a good
image of a crt in about 25m distance by just amplifying the signal back
in '96 (I was interested in building mini-bugs and have a few books
about the technology available to this time).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

The only practical solution i can see is using a laptop with good
shielding and build a grounded copper case arround it. Make sure that
there is no HF going out on any cables, no external devices etc.
To meassure that the stuff really works, you may need an oscilloscope

Not everyone likes laptops.

I think the best is not to rely on encryption of hardware at all and
consider everything 'buged'. The only 'secure' thing is ram and the cpu.
Don't have a firewire port in your computer, it allows access to any
memory location [2].

That's not a guarantee. But little change by little change will isolate
insecurities until a system is secure, right? (didn't somene coin the
phrase "security is a process"?)

Tinfoil hat linux [3] is worth a look (There are more interresting links
on that page)

Still paranoid? ;)

[snip]

Tobias

[1]

[2]

[3] http://tinfoilhat.shmoo.com/

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter

Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.

course. That's not my point of doing this though, as I had tried to
explain. Just because it seems senseless to do doesn't mean that it hasn't
a purpose. When someone smuggles a bugged USB device into somewhere
they heighten their odds of getting caught if they have to come back to
pick up the data that's been recorded.

If they can just go in once and have the device remotely update them,
they will prefer that. Even then if the device is inside shielded
surroundings a radio signal is not guaranteed to make it out. A vendor
in the United Arab Emirates cannot get his hopes up that he'll be able to
retrieve a bugged device when it's sold to a foreigner. So that leaves
devices that are rather passive like a timebomb that explodes only at a
certain altitude is detected or a landmine that detects the mass of a
heavy vehicle.

And the programming of these devices better rot13 every character typed
25 times in order to find keywords. If they don't, and this is what
I'm hoping on, there is a hole and the function of possible easter-eggs
has been bypassed (surely after this post someone will change the
programming of such things, but my devices bought before are safe).
Also the way most corporations work is they only do the basic
functionality "as needed", if no USB keyboard rot13's their keys they
won't see a need to check for such input (again until now).

Perhaps a keyboard that uses light instead of electrical signals is an
overall better solution? Aren't laser emitting diodes fairly cheap today
and the price of roughly 4 meters of fibre-optic cable should be acceptable
for a keyboard right? Until then, USB keyboards encrypting would be better
right? How much are you willing to spend for a secure keyboard anyhow? How
much are people spending for "wireless" keyboards?

Light-conducting cables are apparently harder to tap than electrical,
but they certainly can be tapped by one of the big TLAs.

course.

As to secure keyboard prices, I wouldn't bother buying one, even if it
was no more expensive than a regular keyboard - none of my hard drives
are encrypted, so an encrypted keyboard is nonsense.

, your hard drives *are* encrypted, no? , this discussion
would be quite pointless.

Not exactly. If a neighbour has a parabolic antenna pointed at my computers
location in hopes that they'll pick up any electro-magnetic radiation that
escaped the weak-shielded USB cable, and they can reconstruct the keys typed,
then there is point for concern as the security has been breached and it's
been breached without physical access. If the USB keyboard did encrypt
which is the point of this discussion then they have to throw computing
power at cracking the keys first which makes their purpose more expensive.

Also I was more concerned about _other_ USB devices being dogged bastards on
the USB bus initially.

No amount of painting over holes will ever make something secure. (See
Internet Explorer for a fine example)

Joachim

Perhaps. What exactly do you think BSD has been doing for 10+ years?
First it was strcat/strcpy -strlcat/strlcpy, next it was W^X, and after
that mmap()'ed malloc() with stackgap to protect the heap. Seems to me
it was a process over time, to get us to where we are now. Was it not
painting over holes? Nobody re-designed the entire system new. Am I
wrong?

If anyone can find USB keyboards that do encryption over the USB bus,
please share the URL.

regards,
-peter