-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 2016-12-10 14:36, Robert Fisk wrote: > On 12/10/2016 08:25 AM, Marek Marczykowski-Górecki wrote: >> This project have great potential! The USB proxy hardware can be >> used for somehow more secure USB keyboard usage on Qubes OS, when >> only a single USB controller is available. Take a look at this >> idea[1]: > >> Have a piece of hardware plugged between USB keyboard and PC (based >> on https://github.com/robertfisk/USG?), to encrypt and >> integrity-protect the events. And then decrypt them in dom0 and >> check integrity protection, and only then pass them down to input >> devices stack. This should at least partially guard against >> malicious USB VM. It still will be able to perform timing based >> attacks to guess what you're typing - not sure how accurate such >> attacks are currently. Such device could introduce artificial delay >> (like - inject queued events every 50ms) to at least partially >> mitigate such attacks. > >> What do you think about it? I think the hardware you've designed >> is perfect for this! > >> [1] >> https://github.com/QubesOS/qubes-issues/issues/2507#issuecomment-265894809 > > This sounds like a great idea, and I am keen to be involved. There is > plenty of flash space available on the embedded CPUs to implement some > form of encryption, although the best method of doing so on bare-metal > ARM is certainly open for discussion. > > A recent batch of hardware samples sold out in November. Due to Real > Life(TM) the next batch of hardware is likely to be ready late January > or early February. Pricing is currently NZ$80 each (approx US$57). > > Regards, > Robert >
Tracking this as a community-developed feature: https://github.com/QubesOS/qubes-issues/issues/2518 https://www.qubes-os.org/qubes-issues/#usg-keyboard-hardware-proxy Please keep us posted as to your progress, and let us know how we can help. :) - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJYT6Z0AAoJENtN07w5UDAwXNsP/j0KrGEyjCHq0h3v7/nmlTwx YGn05f+Bh7L7r9HSGOeH9PMgKkFr85btXdXPhG5+swCSdFgmhbkcad0lgy8hX2mz uZND7Z/wnEI99kK7D2EN3Kl9vM4fHM4/I8jV6ulwXPrMfr8xNvdDiQn9JLfcUTwU SvL4VzP92JKZTss2ILfjK8TsH7cIoFek72+Bn9dQKyppDmrlxi9xu0Y67m0B8NkW L94YLLIQGO4Qq2vuuVlTIJmw6DGN8AXbwMwOixBtirM1AzeAZGt9GB3ZtTU438EE xFXc9Ould67L2sqluuj7rkLoAE6QnkhzeyCbsgfS6OcE2rCXCNdQkmjx8zXzLrgL DZg+D/PPCwSSyV2tzeGfsxTX4bY1w7dc8ecPHcgeuAV7L7UjL7hSrNJj3Y49jEtR XBmleAq9XCaStYl29MkpYNLddCI3grLMwRFnW9adg85PU2Zay7q64Ay8OSjZDa72 wuO57t6UchbHRURth5P8Sa2SmjzenohPPWeWOqETa6O1ZMj+4+P+X2F+cS1pawio EAggf4y/brbQkAAyC5eYpO7RxmzvbWN2Ciu0csYD8GEHBvvcJC2N/bENRBUujI8i J9AjU2E1hoYwRbghwk7iNRFzCcPr1WJW3sbhibKjaTrIwKVsib/3XkgeXM5e6bU1 yGJ9eVDpcb/ekzvzM5qm =kZIF -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0a10c703-9bef-1878-363c-41d0705c4734%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
