"monitor the input layer"
Posted Jul 28, 2016 8:40 UTC (Thu) by kruemelmo (guest, #8279)
Parent article: One-time passwords and GnuPG with Nitrokey
Posted Jul 28, 2016 9:05 UTC (Thu)
by Gollum (guest, #25237)
[Link] (1 responses)
A USB Keyboard will receive notifications from the OS that another keyboard has pressed the toggle buttons, so that all keyboards can stay in sync in that regard. That doesn't give the other devices access to any of the other keys that were pressed.
Posted Jul 28, 2016 10:06 UTC (Thu)
by kruemelmo (guest, #8279)
[Link]
Posted Jul 28, 2016 10:18 UTC (Thu)
by mfuzzey (subscriber, #57966)
[Link] (8 responses)
However a USB device can intercept traffic from the same host controller to other devices. But it doesn't work in the other direction (a device can't intercept data from other devices to the host controller). This means that a rogue device connected to the same host controller / root hub could, for example, intercept data you are writing to a thumb drive but not data you are reading. The asymmetry is because hubs broadcast everything in the host=>device direction. I think this has changed in USB 3 though.
Also a USB device can enumerate as a keyboard whilst pretending to be something else. That allows it to inject fake keystrokes, but not intercept real keystrokes.
Posted Jul 28, 2016 11:35 UTC (Thu)
by Gollum (guest, #25237)
[Link] (6 responses)
Posted Jul 28, 2016 12:34 UTC (Thu)
by cladisch (✭ supporter ✭, #50193)
[Link] (5 responses)
Section 11.1.2.1 of the USB 2.0 specification says: However, when hubs translate between the different bit rates (low/full/high/super/super+ speed), they do care about the destination port.
Posted Jul 28, 2016 13:16 UTC (Thu)
by Gollum (guest, #25237)
[Link] (4 responses)
Posted Jul 28, 2016 15:18 UTC (Thu)
by Beolach (guest, #77384)
[Link] (3 responses)
I'm guessing there aren't any USB switches, since USB has a much stronger host/device directionality in its link layer specification than Ethernet does, so the extra expense of a switch instead of a hub wouldn't be worth it. But if there are, I'd be interested to know.
Posted Jul 28, 2016 18:32 UTC (Thu)
by JanC_ (guest, #34940)
[Link] (2 responses)
Posted Jul 28, 2016 21:07 UTC (Thu)
by mathstuf (subscriber, #69389)
[Link]
Posted Jul 29, 2016 8:50 UTC (Fri)
by Gollum (guest, #25237)
[Link]
More like something that intelligently directs traffic from the host to the targeted USB device ONLY, rather than broadcasting it to all devices on the same hub (as the spec indicates should happen).
From a security perspective, this could hypothetically allow a malicious device to snoop on things like passwords being sent to a security token to unlock it, scrape data being written to a flash drive, eavesdrop on network traffic sent to a 3G dongle, etc, etc.
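An added example, not part of any comment in this thread: a Linux inventory check that lists which devices share a bus with a given device and would therefore see host-to-device packets under the hub broadcast behaviour discussed above. It reads the standard sysfs attributes `busnum`, `speed` and `product`; the sample topology is constructed, and the model is an assumption that treats SuperSpeed links as routed and ignores the speed-translation case.

```python
import os

SYSFS_USB = "/sys/bus/usb/devices"  # standard Linux sysfs path

# Constructed sample topology (not from the thread): bus 1 is a USB 2.0 bus,
# bus 2 is the SuperSpeed bus of the same controller.
SAMPLE = {
    "usb1":  {"busnum": "1", "speed": "480",  "product": "root hub"},
    "1-1":   {"busnum": "1", "speed": "480",  "product": "external hub"},
    "1-1.1": {"busnum": "1", "speed": "480",  "product": "flash drive"},
    "1-1.2": {"busnum": "1", "speed": "480",  "product": "unknown gadget"},
    "usb2":  {"busnum": "2", "speed": "5000", "product": "root hub"},
    "2-1":   {"busnum": "2", "speed": "5000", "product": "USB 3 disk"},
    "2-2":   {"busnum": "2", "speed": "5000", "product": "network adapter"},
}

def read_sysfs_devices(root=SYSFS_USB):
    """Collect busnum, speed and product for each USB device listed in sysfs."""
    devices = {}
    for name in sorted(os.listdir(root)):
        if ":" in name:  # names such as 1-1:1.0 are interfaces, not devices
            continue
        entry = {}
        for attr in ("busnum", "speed", "product"):
            try:
                with open(os.path.join(root, name, attr)) as fh:
                    entry[attr] = fh.read().strip()
            except OSError:
                entry[attr] = ""
        devices[name] = entry
    return devices

def mbps(dev):
    """Link speed in Mbit/s; 0.0 when sysfs reports nothing usable."""
    try:
        return float(dev.get("speed", ""))
    except ValueError:
        return 0.0

def downstream_listeners(devices, target):
    """Names of devices assumed to see host-to-target packets (broadcast model)."""
    tgt = devices[target]
    if mbps(tgt) >= 5000:  # assumption: SuperSpeed packets are routed, not broadcast
        return []
    return sorted(name for name, dev in devices.items()
                  if name != target and not name.startswith("usb")
                  and dev["busnum"] == tgt["busnum"])

if __name__ == "__main__":
    devs = read_sysfs_devices()
    for name in devs:
        if not name.startswith("usb"):
            print(name, devs[name]["product"], "<-", downstream_listeners(devs, name))
```

A device that handles secrets and shows a non-empty list here is a candidate for a port on its own controller.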
Posted Jul 28, 2016 19:29 UTC (Thu)
by corsac (subscriber, #49696)
[Link]
thanks!!
In the downstream direction, hubs operate in a broadcast mode. When a hub detects the start of a packet on
its upstream facing port, it establishes connectivity to all enabled downstream facing ports.