2014-12-19 20:02:59.762825+01 by Dan Lyke 3 comments
This Little USB Necklace Hacks Your Computer In No Time Flat, describing USBdriveby, a device that uses USB HID to take over a Mac when it's plugged in.
Time to epoxy up those USB ports, kids!
[ related topics: Children and growing up Macintosh ]
comments in descending chronological order (reverse):
#Comment Re: USB HID pwnage made: 2014-12-21 12:21:01.926669+01 by: meuon
Side note, I watched the first public demonstration of this type of attack several years ago at Phreaknic by IronHacker, and it had been around before then. I think there were some ways around login in MS-Machines, but that is just my memory
#Comment Re: USB HID pwnage made: 2014-12-19 21:14:23.805406+01 by: Dan Lyke
If it occurs fast enough, you just put this in a USB stick and give it to someone. Or, echoing previous exploits with autorun.inf, leave some malicious USB sticks lying around outside offices of place you want to infiltrate...
#Comment Re: USB HID pwnage made: 2014-12-19 20:33:15.49456+01 by: markd
Looks like it's assuming that the machine is left logged in and unattended and is just a faster version of someone typing in stuff (Hey, this is Unix. I know this). if you let someone have that kind of access to your machine you get what you deserve.
Now if he can demo that working when walking up to a machine that's password-locked, then I'd be impressed.
We will not edit your comments. However, we may delete your comments, or cause them to be hidden behind another link, if we feel they detract from the conversation. Commercial plugs are fine, if they are relevant to the conversation, and if you don't try to pretend to be a consumer. Annoying endorsements will be deleted if you're lucky, if you're not a whole bunch of people smarter and more articulate than you will ridicule you, and we will leave such ridicule in place.
Flutterby™ is a trademark claimed by
Dan Lyke for the web publications at www.flutterby.com and www.flutterby.net.