Raspberry Pi As Hardware Backdoor

An anonymous reader writes "NCC Group has released a new whitepaper at the Blackhat Europe conference on using a Raspberry PI as a hardware-based backdoor (PDF) in laptop docking stations. From the paper: 'The IT department is typically more concerned about someone stealing your laptop, so they'll ask you to secure your laptop with a Kensington-style lock, but not necessarily to secure the dock. This paper details how attackers can exploit the privileged position that laptop docking stations have within an environment. It will also describe the construction of a remotely controllable, covert hardware implant, but most importantly it will discuss some of the techniques that can be employed to detect such devices and mitigate the risks that they pose.'"

Surprise!!!

[bferrell]

If you have physical access, you can do bad things. Is this really news or simply fear mongering?

Re:Surprise!!!

[Garridan]

Naw, the paper is a good read. Fun pictures, funnier security recommendations. I'd love to see the IT guy who goes around weighing people's docking stations. Poor sap would end up taking night shifts just to avoid the teasing.

Re:Surprise!!!

[gweihir]

It is just a nice demonstration of something that has been known for a long time. As such, the _demonstration_ is news, but not the possibility itself.

I must say however, that the motto "freedom from doubt" on the paper is pure snake-oil, as IT security cannot achieve that and anybody that claims this is a liar. What IT security can to is reduce risks and make it harder for an attacker to get in. When the attacker has to spend more than the protected information is worth, you could say that you have "perfect security" or "freedom form doubt", but that does not happen in practice. The problem is that you cannot estimate the worth if your secret data to the attacker reliably. For example, your attackers may be fanatics (maybe even in the form of a fanatics-run nation state) and hence may be completely irrational and attribute value to the secret data or the successful break-in itself that is far beyond any rational estimates.

Raspberry pi nothing, printers are the real danger

[Dwedit]

Forget raspberry pi, the real danger is your printer. Printers can have their firmware upgraded by printing a special PDF file. They are networked devices. Once hacked, they can carry out attacks, act as backdoors, or even send a copy of everything printed to an attacker.

someting so huge

[silas_moeckel]

Why use a R pi when you can get linux boxes the size of Ethernet jacks? Because the R Pi is "cool"?

Re:article wrong on voltage divider for power sour

[gweihir]

Hehehehe, fascinating!

In addition, these people do not know that a voltage divider is entirely unsuitable for powering anything with variable current consumption. The easy solution would be to use a switching-mode 5V 1A regulator module like the Traco Power TSR 1-2450. My guess is they never powered the Raspberry Pi from the 19V input. These people seem to understand digital electronics to some degree, but gave no clue about analog electronics.

The demo is nice nonetheless.

Re:This article is not about Raspberry Pi...

One approach we've seen on attacks on us, i.e. drives people find in the parking lot, is that the device appears as a composite device. Part of it shows up as an almost empty USB drive with a couple of innocuous Word documents, as long as you don't show hidden files and directories. However, the second and third parts are HID, when idle for too long, the new keyboard will try to do windows key+R -> "iexplore malwaresite". They also do other attacks using that means of access of a combination USB drive, keyboard and mouse.