Quote:
Originally Posted by ratbastid
If you've got physical access, you can plug a physical keylogger in. More detectable, if you're looking, but easier. In the security world, once somebody's got physical access, you've already lost the game.
|
I would agree that physical access is a problem but it seems the keyboard problem is still a major issue. Here are a couple of ways it could be easily exploited:
1) University Labs, log into a public terminal and your login credentials are saved. Gaining physical access to this would be simple.
2) Individuals could easily buy brand new mac keyboards, reflash them, and then sell them as new either in a shop, on ebay, etc. Even worse employees for the manufacture could do this during the manufacturing process.
The problem with this hack is the peripheral itself which is generally a trusted device can be reprogrammed to do very bad things and no one would know better.