|
| ▲ | 6c696e7578 an hour ago | parent | next [-] |
| I think the paranoia stems from the HID inserting winflag+r, powershell curl https... which installs keylogging software. It can do that after a 10 minute or so countdown timer so it might not seem immediately obvious, or might seem like part of a auto-update with powershell postinstall. |
|
| ▲ | aaronmdjones 8 hours ago | parent | prev | next [-] |
| > As for inserting keystrokes, that will be obvious if it enumerates as a keyboard. This is true, but this also doesn't need to happen at insertion time. An HID keyboard can show up, say, 3 hours after you plug it in. I miss grsecurity's patch set so much. It had an option to defeat this (deny all USB device enumeration post-boot, i.e. after the kernel executes init). |
|
| ▲ | fooker 8 hours ago | parent | prev | next [-] |
| There are plenty of USB keyloggers available for purchase right now. While I can try and conjecture how those might work, that's not really in my lane. |
| |
| ▲ | aaronmdjones 8 hours ago | parent [-] | | Those work by sitting between the real keyboard and the computer, often deliberately designed to appear as an innocuous adapter (say, a USB-A keyboard plugged into a PC's USB-C port or vice versa) or extension cable. |
|
|
| ▲ | croes 8 hours ago | parent | prev [-] |
| The better attack vector would be the programs you need to use the display |
