Hi,
I’m trying to use Keyboard/Mouse . I’m quite new to Arduino.
This is a schematic of the project
Host USB:
I want to use the Host USB shield rev 2.0.
SPI master:
The shield will communicate to an Arduino Uno using the SPI. I chose the Arduino Uno because I need an SPI Master to collect data from the Host USB.
I know it can be done by a cheaper Arduino but I want to reuse my hardware and the Uno is really helpful for many projects.
Emulated Device:
I use Leonardo Arduino in order to emulate Keyboard and Mouse using the HID library.
The problem with this solution is special keys which are not taken into account.
I will use a serial transmission (TX and RX and the Easy Transfer Arduino Library from Bill Porter).
I can’t use I²C because it would be hard to demonstrate that data goes only in one way. I need also an optocoupler and a switch to ensure that only one Leonardo will have access to the data from the Uno at a time.
Only the TX from the Uno and the Rx from the two Leonardo will be used. Not the Rx from the Uno and the Tx from the Leonardo.
Power supply:
I think I can use the 5V from the USB and use it for every Arduino/shield but I’m not sure. Do I have to add a 5V power source?
This is what I want to do. Now I would like to know your opinions and advice.
Is this a proper solution?
What do you mean by 'shared memory', in this instance? What 'shared memory' does this - http://www.belkin.com/flip/ - for example, present that could be exploited. As someone that works on a list-x site, I'm interested to know.
dxw00d:
What do you mean by 'shared memory', in this instance? What 'shared memory' does this - http://www.belkin.com/flip/ - for example, present that could be exploited. As someone that works on a list-x site, I'm interested to know.
I too would like to know this. Sounds like security FUD to me. Keyboards and mice are "dumb" devices, the computer doesn't send any data to them.
I'm wondering if there is some confusion between KVMs, as in keyboard/video/mouse switches, and KVMs, as in Kernel Virtual Machines, which do have shared memory that could be exploited.
@wizdum: I know that Keyboards and mice are dumb devices but the problem is for example if it's not a mouse connected to the KVM but a USB key. Then there will be a common memory.
Using the term "shared memory" wasn't a good idea because of its meaning in technical language. Sorry for the wrong translation.
My point is I want to separate the processing part in 2 ways.
So if I use a classic KVM from the market, the KVM will do an emulation of the keyboard/mouse and store that data in memory.
This data will be common for both computers and here is the problem.
What about the technical aspect of my project? Do you think it is a feasible solution?
if it's not a mouse connected to the KVM but a USB key.
This is only a risk if the KVM is capable of presenting itself as a Mass Storage device. I don't think that the Belkin Flip supports pass-through of mass storage devices. I'll try it tomorrow. I'm pretty sure it is not capable of presenting itself as anything other than a HID device.
So if I use a classic KVM from the market, the KVM will do an emulation of the keyboard/mouse and store that data in memory.
This data will be common for both computers and here is the problem.
Can you provide some supporting documentation that shows there is an exploitable risk here?
@dxw00d: There is no confusion. It is about KVM Keyboard/Video/Mouse except that I don't care about the video.
@wizdum: I know that Keyboards and mice are dumb devices but the problem is for example if it's not a mouse connected to the KVM but a USB key. Then there will be a common memory between my two computers.
Using the term "shared memory" wasn't a good idea because of its meaning in technical language. Sorry for the wrong translation.
My point is I can't have somewhere in my project a memory which can be accessed by both computers.
I must have a complete separation between them.
So if I use a classic KVM from the market, the KVM will do an emulation of the keyboard/mouse and store that data in memory.
This data will be common for both computers and here is the problem.
What about the technical aspect of my project? Do you think it is a feasible solution?
If the system isn't locked down enough to prevent a malicious user from plugging a USB key into a KVM, what's stopping them from plugging the USB key into the computer directly? I think you are going to have a difficult time finding a way to allow devices to share peripherals, while maintaining "complete separation between them". You could always go old school and use a KVM that uses physical, analog switches to change between devices, I guess. But then there is still nothing preventing the user from just unplugging the system.
I am also curious about your definition of keyboard emulation and it storing data. I do not think this is how it works, but I could be wrong. Maybe someone else will join in and help us with this.
wizdum:
If the system isn't locked down enough to prevent a malicious user from plugging a USB key into a KVM, what's stopping them from plugging the USB key into the computer directly? I think you are going to have a difficult time finding a way to allow devices to share peripherals, while maintaining "complete separation between them". You could always go old school and use a KVM that uses physical, analog switches to change between devices, I guess. But then there is still nothing preventing the user from just unplugging the system.
I am also curious about your definition of keyboard emulation and it storing data. I do not think this is how it works, but I could be wrong. Maybe someone else will join in and help us with this.
Well, if I use an old school KVM I will have an enumeration each time I switch computers.
What I meant with "Keyboard emulation" is one of the possibilities ensured by the Leonardo Arduino: to emulate a keyboard or a mouse with the Arduino. With that I can avoid the enumeration each time I switch because it would be like I just don't move the mouse or type on the keyboard.
Your concept is fine. Essentially you have: host -> data diode -> switch -> 2x emulated device.
Another approach would be to give two outputs to your host and put a separate data diode between each output and emulated device. The switching is then done on the host. You could for instance map this function to a specific key press.
The hardware for the host is ok. For the devices I'll use something cheaper like a Teensy (Teensy USB Development Board).
If that is acceptable I'd suggest emulating PS/2 devices instead. This would simplify the project and dramatically cut costs. PS/2 uses a simple serial link, so you wouldn't need complex hardware to emulate usb devices, just some connectors. Plus, you'd only have one µc to program, and no need to devise a communication scheme between host and devices.
bomazi:
Your concept is fine. Essentially you have: host -> data diode -> switch -> 2x emulated device.
Another approach would be to give two outputs to your host and put a separate data diode between each output and emulated device. The switching is then done on the host. You could for instance map this function to a specific key press.
Thanks a lot for your answer. It helped me a lot. I will look at your data diode datasheet.
About the Teensy it's not a bad idea. I was looking at this too but I wasn't sure about the emulation part. Now I'm after some researches.
To separate after the Host is not a bad idea.
So what do you think about Keyboard/mouse -> USB HUB -> Host USB -> emulated device (teensy)
The problem is the Host USB shield uses the SPI to communicate. And I'm not sure if I can use the Teensy to be both SPI master and to emulate the device at the same time.
Do you think I can use RS232 to communicate between Host USB shield and the Teensy? I didn't see any RX/TX on the Host USB shield.
So maybe the best idea is to stay on my design but to use data diode for the RS232 and Teensy instead of Leonardo Arduino.
bomazi:
If that is acceptable I'd suggest emulating PS/2 devices instead. This would simplify the project and dramatically cut costs. PS/2 uses a simple serial link, so you wouldn't need complex hardware to emulate usb devices, just some connectors. Plus, you'd only have one µc to program, and no need to devise a communication scheme between host and devices.
I know :). I would be glad if I could use PS/2 but I have to stay on USB HID.
The rs232 data diode was just an example. You can adapt the concept to SPI.
If you want to make a direct connection between a "naked" usb shield and the devices, then you have to use SPI. However, this will only work if you can use the shield read-only, i.e. without the MOSI line. That is probably not the case.
Thus you need to attach the shield to an arduino. The arduino handles bidirectional communication with the shield over SPI and then relays the data to the devices over a unidirectional link. The link in that case can be anything, with rs232 being the simplest option. Note that you are using the UART of the arduino. This option means that you have to devise your own protocol between the arduino and the devices. You'll also have to write software on the devices to extract this data and feed it to the usb output.
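
A sketch of the kind of protocol the last post calls for, as an added example that is not part of the thread or any poster's code: a framing scheme for HID reports over a TX-only UART link. Because the diode leaves no return channel for ACKs or retransmits, the receiver has to resynchronise and reject bad frames on its own. The start byte, type codes and CRC-8 choice are assumptions; the 8-byte keyboard and 3-byte mouse payloads are the USB boot-protocol report sizes.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define SOF 0xA5u                        /* assumed start-of-frame marker */
enum { T_KEYBOARD = 1, T_MOUSE = 2 };    /* assumed type codes */

/* Payload length is fixed per type, so the receiver never trusts a length field. */
static size_t expected_len(uint8_t type) {
    return type == T_KEYBOARD ? 8 : type == T_MOUSE ? 3 : 0;
}

/* CRC-8, polynomial 0x07, initial value 0x00. */
static uint8_t crc8(const uint8_t *p, size_t n) {
    uint8_t c = 0;
    while (n--) {
        c ^= *p++;
        for (int i = 0; i < 8; i++)
            c = (uint8_t)((c & 0x80) ? (c << 1) ^ 0x07 : c << 1);
    }
    return c;
}

/* Sender (Uno side): writes SOF | type | report | crc. Returns frame size, 0 if rejected. */
size_t frame_encode(uint8_t type, const uint8_t *report, size_t len, uint8_t *out) {
    if (expected_len(type) == 0 || len != expected_len(type)) return 0;
    out[0] = SOF; out[1] = type;
    memcpy(out + 2, report, len);
    out[2 + len] = crc8(out + 1, len + 1);   /* CRC covers type and report */
    return len + 3;
}

/* Receiver state (emulated-device side); must start zeroed. buf = type + report. */
typedef struct { uint8_t buf[9]; size_t have, need; } rx_t;
/* Feed one UART byte. Returns the type when a valid frame completes
   (report is then at rx->buf + 1), otherwise 0. Bad frames are dropped silently. */
uint8_t frame_feed(rx_t *rx, uint8_t b) {
    if (rx->need == 0) {                     /* hunting for a start byte */
        if (b == SOF) { rx->have = 0; rx->need = 1; }
        return 0;
    }
    if (rx->have == 0) {                     /* type byte decides the length */
        size_t n = expected_len(b);
        if (n == 0) { rx->need = (b == SOF); return 0; }  /* unknown type: resync */
        rx->buf[0] = b; rx->have = 1; rx->need = 1 + n;
        return 0;
    }
    if (rx->have < rx->need) { rx->buf[rx->have++] = b; return 0; }
    rx->need = 0;                            /* b is the CRC byte; frame ends here */
    return crc8(rx->buf, rx->have) == b ? rx->buf[0] : 0;
}
```

On the device, call `frame_feed` for every byte read from the UART and pass the report to the USB HID output only when it returns a non-zero type.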