30 Jul '14, 8pm

Developed on Hackaday: Beta Testers, Animation and Assembly Videos

Developed on Hackaday: Beta Testers, Animation and Assembly Videos

Oh, I got a few answers when reading the FAQ. Sorry for wasting your time… How are the credentials sent to the computer? The Mooltipass is enumerated as a composite HID keyboard / HID proprietary device. Is it still possible to sniff the passwords sent over HID? In theory yes. As mentioned in our project description the Mooltipass aims at reducing the number of attack vectors to a minimum: the device basically types your password as if you were doing it yourself. A simple system hook application can sniff the passwords. Sure a anti-spyware tool or scanner might find this software, but there’s also legit software that can be easily installed by someone with administrator rights. It is extremely easy to hack Windows OS’es. I’m looking at the advantages of this gadget over software-based solutions (at Github): As at a given moment your passphrase and your database are stored ...

Full article: http://hackaday.com/2014/07/30/developed-on-hackaday-beta...

Tweets