Raspberry Pi As Hardware Backdoor 76
An anonymous reader writes "NCC Group has released a new whitepaper at the Blackhat Europe conference on using a Raspberry PI as a hardware-based backdoor (PDF) in laptop docking stations. From the paper: 'The IT department is typically more concerned about someone stealing your laptop, so they'll ask you to secure your laptop with a Kensington-style lock, but not necessarily to secure the dock. This paper details how attackers can exploit the privileged position that laptop docking stations have within an environment. It will also describe the construction of a remotely controllable, covert hardware implant, but most importantly it will discuss some of the techniques that can be employed to detect such devices and mitigate the risks that they pose.'"
Surprise!!! (Score:5, Insightful)
If you have physical access, you can do bad things. Is this really news or simply fear mongering?
Raspberry pi nothing, printers are the real danger (Score:5, Insightful)
Forget raspberry pi, the real danger is your printer. Printers can have their firmware upgraded by printing a special PDF file. They are networked devices. Once hacked, they can carry out attacks, act as backdoors, or even send a copy of everything printed to an attacker.
Re:Surprise!!! (Score:4, Insightful)
You hit the nail on the head. It's just fear mongering and there is nothing new to see here.
Re:Surprise!!! (Score:4, Insightful)
This is similar to dropping a Sega Dreamcast into a network as an inexpensive hardware backdoor.
If your company has been physically compromised you probably need to start sweeping for bugs and bringing in the bomb sniffer dogs as well ;)
someting so huge (Score:5, Insightful)
Why use a R pi when you can get linux boxes the size of Ethernet jacks? Because the R Pi is "cool"?