"Spy-Pi: Do you trust your laptop docking stations?", presented at AthCON 2013

by Andy Davis

Tags: Security

Summary: Laptop docking stations are widely used in organisations, often in hot-desking environments. They provide a neat connectivity solution for workers who are semi-mobile and therefore use laptops rather than desktop PCs. However, laptop docks are an attractive target for an attacker. They have access to the network, to all the ports on a laptop, often some that aren't, and they are permanently connected to a power supply. But most importantly, they are considered to be trusted, "dumb" devices - the perception is that they just connect all the ports on your laptop to the ports in the dock. The IT department is typically more concerned about someone stealing your laptop, so they'll ask you to physically secure your laptop, but not necessarily to secure the dock. I recently investigated how attackers can exploit the privileged position that laptop docking stations have within an environment and how to construct a remotely controllable, covert hardware implant, based on the Raspberry Pi miniature computer. More importantly, I went on to investigate some of the techniques that can be employed to detect such devices and mitigate the risks that they pose.