Description: Laptop docking stations are widely used in the corporate world, often in hot-desking environments. They provide a neat connectivity solution for workers who are semi-mobile and therefore use laptops rather than desktop PCs. However, laptop docks are an attractive target for an attacker. They have access to the network, to all the ports on a laptop (and often some that aren't) and they are permanently connected to a power supply. But most importantly, they are considered to be trusted, "dumb" devices - they just connect all the ports on your laptop to the ports in the dock right? The IT department is more concerned about someone stealing your laptop, so they'll ask you to secure your laptop with a Kensington lock (but not necessarily to secure the dock). This talk is about how attackers can exploit the privileged position that laptop docking stations have within the corporate environment. It will also describe the construction (and show a demo) of a remotely controllable, covert hardware implant within a commonly used laptop docking station, but most importantly it will discuss some of the techniques that can be employed to detect such devices and mitigate the risks that they pose.
For More Information please visit : - http://www.blackhat.com/eu-13/briefings.html
Tags: securitytube , hacking , hackers , information security , convention , computer security , blackhat-eu-2013 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.