[snowsislander]

Thanks for the link.

From the penultimate (and it should have been a lot closer to the front of the paper) page:

3.4.1. Observability. Someone with direct observation of compromise a network endpoint, without attempting access the network endpoint would be able to notice the uploading through the network. of applications, as the text entered by the Hardware Trojan Horse device would appear on the display as text being entered by the keyboard. A user at the network endpoint could also disrupt the uploading of the applications because any characters entered on the legitimate keyboard would be passed to the file containing the uploaded application.

I skimmed the paper, and I believe that a short summary is that a USB keyboard can be programmed to capture keystrokes and also can be setup to automatically type commands that can lead to compromise of data stored the system.

(There's a whole elaborate bit about using audio and keyboard LEDs that I fail to see much use for, but I didn't spend a great deal of time with this paper since the overall attack doesn't seem very covert.)

[TChad]

I skimmed the paper, and I believe that a short summary is that a USB keyboard can be programmed to capture keystrokes and also can be setup to automatically type commands that can lead to compromise of data stored the system.

It's not just USB keyboards, it's any USB device:

Because the USB protocol relies on devices to properly identify themselves during enumeration, a USB Meta-Device could be programmed to identify itself as any USB device [9]. In this way, the USB Meta-Device could be configured to represent itself as a device associated with a vulnerable driver loaded on the network endpoint.

This is what happens when dumb devices get smart enough to be convenient. These days, the toaster wants its own static IP.

Not to worry, we'll soon be able to upgrade to the New Improved USB 4.0, Now With Fewer Unintended Channels!

Bah.