Hi Tony,
On 2006.07.10, at 12:17 PM, Tony Abernethy wrote:
Security is a process
Slogan for snake-oil?
I would prefer, Security is an ongoing process.
Something which you can't just buy and be done with and something
which does not end.
Shane
Joachim Schipper wrote:
The most sensible implementation of what you want is a laptop + ssh, I
suppose.
Make sure you get the kind without the built-in keylogger. ;-)
http://virus.org.ua/unix/keylog/klog.htm
--
Stephen Takacs [EMAIL PROTECTED] http://perlguru.net/
4149 FD56 D078 C988
Original message
Date: Mon, 10 Jul 2006 11:33:12 -0400
From: Stephen Takacs [EMAIL PROTECTED]
Subject: Re: USB keyboards / encryption
To: misc@openbsd.org
Joachim Schipper wrote:
The most sensible implementation of what you want is a laptop + ssh, I
suppose.
Make sure you get
On Mon, Jul 10, 2006 at 12:22:20PM -0500, Jacob Yocom-Piatt wrote:
Original message
Date: Mon, 10 Jul 2006 11:33:12 -0400
From: Stephen Takacs [EMAIL PROTECTED]
Subject: Re: USB keyboards / encryption
To: misc@openbsd.org
Joachim Schipper wrote:
The most sensible
I know that wireless keyboards have built-in encryption, but do wired keyboards
or specifically USB keyboards exist that encrypt the typed input for the USB
bus?
I suspect something like public key encryption on the keyboard which choses a
random key for the key-input and exchanges it securely
On Sun, Jul 09, 2006 at 02:25:12PM +0200, Peter Philipp wrote:
I know that wireless keyboards have built-in encryption, but do wired
keyboards or specifically USB keyboards exist that encrypt the typed
input for the USB bus?
I suspect something like public key encryption on the keyboard
On Sun, Jul 09, 2006 at 03:08:19PM +0200, Joachim Schipper wrote:
On Sun, Jul 09, 2006 at 02:25:12PM +0200, Peter Philipp wrote:
I know that wireless keyboards have built-in encryption, but do wired
keyboards or specifically USB keyboards exist that encrypt the typed
input for the USB bus?
On Sun, Jul 09, 2006 at 04:22:29PM +0200, Peter Philipp wrote:
On Sun, Jul 09, 2006 at 03:08:19PM +0200, Joachim Schipper wrote:
On Sun, Jul 09, 2006 at 02:25:12PM +0200, Peter Philipp wrote:
I know that wireless keyboards have built-in encryption, but do wired
keyboards or specifically
On Sun, Jul 09, 2006 at 06:01:43PM +0200, Joachim Schipper wrote:
You are, possibly, confusing a world in which people are out to get you
with one where (most of) the rest of the world doesn't particularly care
what happens to you. I'm not saying we're living in a wonderland, but
it's highly
On Sunday, July 9, 2006, 10:22:29, Peter Philipp wrote:
On Sun, Jul 09, 2006 at 03:08:19PM +0200, Joachim Schipper wrote:
...
I am not aware of any keyboard of the sort you describe, nor do I see
the use of such a thing. Seriously, what are you trying to protect
against? Hardware
On Sun, Jul 09, 2006 at 06:01:43PM +0200, Joachim Schipper wrote:
Well I'm more or less wondering if anyone has ever done it. I'm looking
for experiences here. If I rewire my keyboard that's my business (I did
buy it after all, it is not partially owned by any government, corporation,
On Sun, Jul 09, 2006 at 09:38:21AM -0700, Darrin Chandler wrote:
Well, it's very hard to say that someone isn't trying to bug his
keyboard. It might be a valid concern. However, if someone *is* then you
have to look at all the other possibilities as well. A small audio bug
can be enough to
On Sun, Jul 09, 2006 at 07:21:33PM +0200, Peter Philipp wrote:
On Sun, Jul 09, 2006 at 09:38:21AM -0700, Darrin Chandler wrote:
have to look at all the other possibilities as well. A small audio bug
can be enough to pick up key clicks, and some interesting work has been
done in
Sounds like a good research topic, but I suspect it would foil attempts
in the short run only.
Pretend you're travelling with a zaurus like device and you take an external
USB keyboard with you including a USB hub and shitloads of little USB
devices
that you can then use in the hotel room
On Sun, Jul 09, 2006 at 07:21:33PM +0200, Peter Philipp wrote:
On Sun, Jul 09, 2006 at 09:38:21AM -0700, Darrin Chandler wrote:
Well, it's very hard to say that someone isn't trying to bug his
keyboard. It might be a valid concern. However, if someone *is* then you
have to look at all the
On 2006/07/09 14:25, Peter Philipp wrote:
I know that wireless keyboards have built-in encryption,
Some do, not all.
On Sun, Jul 09, 2006 at 08:22:10PM +0200, Tobias Ulmer wrote:
Encrypting data from the keyboard is also not a real option,
because you need a shared secret (or something like hostkeys, how do
you know that the usb sniffer can't do MITM attacks?). The keyboard
needs to be pretty intelligent to
On Sun, Jul 09, 2006 at 09:17:00PM +0200, Peter Philipp wrote:
On Sun, Jul 09, 2006 at 08:22:10PM +0200, Tobias Ulmer wrote:
Encrypting data from the keyboard is also not a real option,
because you need a shared secret (or something like hostkeys, how do
you know that the usb sniffer can't
On Sun, Jul 09, 2006 at 09:17:00PM +0200, Peter Philipp wrote:
On Sun, Jul 09, 2006 at 08:22:10PM +0200, Tobias Ulmer wrote:
Encrypting data from the keyboard is also not a real option,
because you need a shared secret (or something like hostkeys, how do
you know that the usb sniffer can't
On Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote:
Because if it's eventually read by a human, a human that bothered to bug
your keyboard in the first place, it can be easily decoded.
Of course. That's not my point of doing this though, as I had tried to
explain. Just because
On Sun, Jul 09, 2006 at 10:55:47PM +0200, Tobias Ulmer wrote:
Depends on your needs. If want to protect against a casual attacker, it
may just be enough, but it's wasted time if some TLA tries to shut
down your international muslim terrorist attack planing mailinglist server
somewhere in
On Sun, Jul 09, 2006 at 11:51:56PM +0200, Peter Philipp wrote:
On Sun, Jul 09, 2006 at 10:55:47PM +0200, Tobias Ulmer wrote:
Depends on your needs. If want to protect against a casual attacker, it
may just be enough, but it's wasted time if some TLA tries to shut
down your international
On Mon, Jul 10, 2006 at 12:11:25AM +0200, Joachim Schipper wrote:
Did you find an actual consumer-grade USB device that blows up if you
enter terrorist words? Al Quaeda is really cool, we're going to bomb
those American pigs - well, this one still works. Must be because it's a
pre-9/11
On Sun, Jul 09, 2006 at 11:51:56PM +0200, Peter Philipp wrote:
On Sun, Jul 09, 2006 at 10:55:47PM +0200, Tobias Ulmer wrote:
Depends on your needs. If want to protect against a casual attacker, it
may just be enough, but it's wasted time if some TLA tries to shut
down your international
Peter Philipp wrote:
[snip]
But little change by little change will isolate
insecurities until a system is secure, right? (didn't somene coin the
phrase security is a process?)
Little change by little change will isolate little insecurities.
Little change by little change will
25 matches
Mail list logo