Apple keyboard gets hacked like a ripe papaya, perp caught on video

Peeps were hatin’ on it ‘fore I left my comment.

@SteveJr_Ri
When Apple states that they are free of viruses and such... That statement is not limited to their OS, but includes their hardware to.

Why should it include their hardware? Because they make that too... In fact they do not let anyone else make hardware for their OS.

I think what's scary is it's possible for a hacked firmware just force the Mac into single user mode at boot time then enter some shell commands with root privilege.

If that's doable, key logger will be the least of your concern.

uh.. if it can be infected at OS level, why cant it be quarantined at OS level?

@AnnoyingPoster

Your comment certainly speaks volumes about your English reading comprehension levels.
The article said this has nothing to do with the OS, as it is a hack in the firmware.

@ liamf555

It was always burning, since the world's been turning... ??

I'm not panicked. I never am about "vulnerabilities" that require physical access to the computer.

If you have physical access to the computer, you don't need to update device firmware, you can simply plug a USB device between the keyboard and machine that does all the keylogging without all the hassle.

For that matter, if you had remote access to the computer, wouldn't it be easier to install keylogger software instead of software that updates device firmware which then does the keylogging?

Maybe if my keyboard had a direct connection to the internet instead of having to go through my computer/operating system, but last I checked that wasn't a feature.

I see ten years of jail time in K. Chen's future... (see previous RSS story).

@TavisJohn:

The fact that you can use third-party hardware with a Mac, probably with even greater compatibility than Windows just makes your argument moot. Apple doesn't state that they are virus free even though there hasn't been a virus in recent memory. A phrase used to describe a product doesn't have to reflect the whole company's product line.

If you need access to the hardware and/or the computer it's attached to in order to make your hack work, it isn't a virus. Heck, unless they package it up and upload it as an application/installer, it isn't even a Trojan. This is... nothing.

An Apple keyboard modded into a keylogging peripheral does not a malicious hack make.

@Prokanda

You shut up, all they said there was that there weren't 114,000 viruses for Macs, not that there were none...

I LIKE PAPAYAS!

i get nothing from the video, so unclear. so the kb store your keystrokes, then does it send them out in some way? or the hacker have to physically take the keyboard away and red it on an other pc?

Maybe they can fix the power issue with the usb ports at the same time?

Zzzzzz. . .

while swapping keyboards in a office environment is easy enough, gettting the data before it is overwritten would be harder. so just add in one of those micro USB drives that hold 4 GB. Sony has one thats as big as a pinky nail.

hacked like a ripe papaya? Needs one of those Fraunhofer fruit-freshness checking things.

Now you might have any gripe as you want about the Mac OS X as you want, but this problem was regarding hardware and the fact that the firmware in the keyboards was possible to upgrade. Since they was open, black hat hackers / crackers can exploit this to upload their own firmware after they reverse engineered the original.

So OS X was not to blame, in fact. the computer could be running windows or linux.

Need root password to hook it into the system or it won't do anything.

Is it possible to update the apple keyboard firmware without os x? I have Ubuntu and XP.

thanks

Ah, the tower of Apple kept taunting as the fortress of Microsoft actually fought back.

It'll be fun to see the tower topple (hopefully).

The point is, if you criticize your competition for having viruses in public and make a national TV commercial to make fun of it, then you'd damn better make sure that your system is iron-clad! I remember last year in one of the hacking contest, Mac was hacked within 10 seconds and was the easiest to hack.

The only reason Mac has less virus than PC is because nobody cares enough to hack a Mac. I don't care OSX is secure UNIX or whatever. If there are enough people with enough time wanting to crack, it will crack.

I just want to know how someone figures this out. Seems like they have too much time on their hands.

i had no idea keyboards had firmware

I agree that this is not issue of OSX directly, this keyboard is made by Apple and sold by Apple, I don't think there are many linux/windows users who use this keyboard, there are tons of OSX users who do. I think we all agree that this issue has biggest impact on OSX users.

@ bootareen

Greater compatibility? WTF world have you been living in for the past 10 years?

There is no possible way that you can seriously believe this. You sir, are an ignorant/blind fool.

Any USB keyboard can be modded in this way, and not just Apple ones. The use of the word "Apple" is just to attract attention and act as flamebait.

The problem is the implementation of the USB spec--it wasn't designed for security. Nearly any USB device that has firmware (which is just about all of them) can be flashed with malicious firmware.

This is neither news nor an "Apple" problem.