Show threadKevin Karhan Dec 26, 2024

@foone the whole unfixably fucked security is something @stman and I discussed in lenghts.

  • We came to the conclusion that using PS/2 ports and having a fully-transparent keyboard in a vlear, sealed case with reference images is the only option.

#USB is unfixably broken as it inherently does neither #authentification (#BIOS & #UEFI filter only by #HID class drivers if they can do so at all!) nor proper integrity checking nor any #Security whatsoever.

  • Most enterprises and organizations that I know who do care about this literally hardwire systems, but them in lockedcabinets, use #PS2 HIDs, disable #USB controllers and set ports and headers in resin...

I mean, as soon as you got a #PwnPi or #PoisonTap at your hand, it's gameover...
https://www.youtube.com/watch?v=Aatp5gCskvk

PoisonTap - exploiting locked machines w/Raspberry Pi Zero

YouTube
Show threadKevin Karhan Aug 6, 2024

@dangoodin so basically the Attackers deployed a #PoisonTap-Style #DNS-#Rebinding attack by compromising the #CPE of the #ISP's customers...

https://youtu.be/Aatp5gCskvk

- YouTube

Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

Alex (inactive) πŸ”Jul 20, 2017
Protect your USB ports against exploits like #BadUSB and #PoisonTap by putting rules in place with something like #USBGuard.
https://github.com/dkopecek/usbguard
#infosec #linux #usb
Show threadClaes Wallin (ιŸ‹ε˜‰θͺ )Jan 3, 2017
@mikael This thing is simple, brilliant, devilish and scary.

#poisontap

I wonder if it will make its way into Mr. Robot S03. :-)