2014-12-19 19:02:59.762825+00 by Dan Lyke 3 comments
This Little USB Necklace Hacks Your Computer In No Time Flat, describing USBdriveby, a device that uses USB HID to take over a Mac when it's plugged in.
Time to epoxy up those USB ports, kids!
[ related topics: Children and growing up Macintosh ]
comments in ascending chronological order (reverse):
#Comment Re: USB HID pwnage made: 2014-12-19 19:33:15.49456+00 by: markd
Looks like it's assuming that the machine is left logged in and unattended and is just a faster version of someone typing in stuff (Hey, this is Unix. I know this). if you let someone have that kind of access to your machine you get what you deserve.
Now if he can demo that working when walking up to a machine that's password-locked, then I'd be impressed.
#Comment Re: USB HID pwnage made: 2014-12-19 20:14:23.805406+00 by: Dan Lyke
If it occurs fast enough, you just put this in a USB stick and give it to someone. Or, echoing previous exploits with autorun.inf, leave some malicious USB sticks lying around outside offices of place you want to infiltrate...
#Comment Re: USB HID pwnage made: 2014-12-21 11:21:01.926669+00 by: meuon
Side note, I watched the first public demonstration of this type of attack several years ago at Phreaknic by IronHacker, and it had been around before then. I think there were some ways around login in MS-Machines, but that is just my memory