On Sat, Sep 16, 2006 at 11:40:55PM -0500, Travis H. wrote: > This looks mildly interesting: > http://www.projectblackdog.com/product.html
Yes, a friend lent me one of these to play with a while ago, they're really quite cool. Lots of interesting possibilities - which was entirely the point of the original development version. > I guess it uses an autorun file on Windows; I wonder whether most systems > allow you to effectively launch X. Yes. The usb client port starts up emulating a usb mass storage CDROM device, and uses autorun to load a usb-ethernet driver and several other bits of software onto the windows box to help it get further. The irony is, of course, that this shouldn't work at all on a properly secured machine (though you could still try and launch the program manually if the lockdown had only gone as far as disabling autorun). The very thing it relies on to work smoothly could also have been abused to install keyloggers and other nasties on the desktop that will sink the security of the device, or at least of the user session. > The docs say it connects via ethernet over USB, so you're > effectively a thin X client. Pretty much; it offers a samba share to the host to run this and other programs from. It uses a cute covert-channel trick to switch to this mode. It starts up emulating a CD. The autorun software on the CD (and the linux hotplug script equivalent) have the task of passing some configuration/environment information through to the blackdog. The first of these is a network address range for the private 'lan' between them. On the filesystem is a directory, with four subdirectories, inside each of which are 256 files, 0-255. The autorun tool picks a network range, then reads one file from each directory in order to 'tap out' the network address. When this happens, the blackdog disconnects from the usb and reconnects, this time emulating a usb ethernet corresponding to the driver that was prepared earlier, and things continue from there over this network. > Good idea, still vulnerable to software surveillance and host OS. Yeah, and physical keyloggers and similar tampering too, pretty much unavoidable. The important thing, though, is to keep in mind the separation between the device/platform, and the default application. Plenty of alternate applications, including potentially malicious ones, might not be bothered by these concerns. > No display. There was a newer commercial variant due for imminent release about the time I was looking at the device. It had a more purpose-specific software image, some extra flash/ram, and a small screen. It had also lost something in the process, I think the card reader for extra local storage, in favour of a smaller case and a network storage concept. -- Dan.
Description: PGP signature