How I discovered a hidden microphone on a Chinese NanoKVM
5 days ago
- #Privacy
- #Hardware
- #Cybersecurity
- NanoKVM is a compact, affordable KVM switch developed by Chinese company Sipeed, allowing remote computer/server control via a web browser.
- The device features HDMI, USB-C, Ethernet ports, and can emulate keyboard, mouse, and other USB devices without requiring software installation on the target computer.
- Security issues include default passwords, hardcoded encryption keys, reliance on Chinese DNS servers, and communication with Sipeed's servers in China.
- A hidden microphone was discovered, capable of recording high-quality audio, with tools pre-installed for recording and transferring audio files.
- The device includes hacking tools like tcpdump and aircrack, raising further security concerns.
- Despite issues, the open-source nature allows for custom software installation, with efforts underway to port Ubuntu Linux for improved security.
- The discovery highlights broader concerns about hidden functionalities in devices, with examples from Apple and Google also cited for privacy violations.