Updated README

This commit is contained in:
Hrvoje Cavrak 2024-02-15 10:31:00 +01:00
parent 654c9e818b
commit 92a3c07a19
1 changed files with 17 additions and 17 deletions

View File

@ -71,23 +71,6 @@ Option 2 - Switch a board to BOOTSEL mode by using a special key combination (li
This will make the corresponding Pico board enter the bootloader upgrade mode and act as USB flash drive. Now you can drag-and-drop the .uf2 file to it (you might need to plug in your mouse directly). This will make the corresponding Pico board enter the bootloader upgrade mode and act as USB flash drive. Now you can drag-and-drop the .uf2 file to it (you might need to plug in your mouse directly).
## Security and Safety
Some features are missing on purpose, despite the fact it would make the device easier to use or simpler to configure. Here is a quick breakdown of these decisions:
- There is no copy-paste or *any* information sharing between systems. This prevents information leakage.
- No webhid device management or any inbound connectivity from the output computers, with the only exception of standard keyboard LED on/off messages, hard limited to 1 byte of data.
- No FW upgrade triggering from the outputs. Only explicit and deliberate user action through a special keyboard shortcut may do that.
- No plugged-in keyboard/mouse custom endpoints are exposed or information forwarded towards these devices. Their potential vulnerabilities are effectively firewalled from the computer.
- No input history is allowed to be retained.
- Outputs are physically separated and galvanically isolated with a minimal isolation voltage of 2kV.
- All packets exchanged between devices are of fixed length, no code is transferred and no raw config exchange of any kind can take place.
- There is no bluetooth or wifi, networking, Internet access, usb drives etc.
- No connected computer is considered trusted under any circumstances.
- Entirety of the code is open source, without any binary blobs and thoroughly commented to explain its purpose. I encourage you to never trust anyone and always make sure you know what you are running by doing a manual audit.
This still doesn't guarantee anything, but I believe it makes a reasonable set of ground rules to keep you safe and protected.
## Misc features ## Misc features
### Mouse slowdown ### Mouse slowdown
@ -214,6 +197,23 @@ When you connect a new USB peripheral, the board will flash the led twice, and i
Do this test by first plugging the keyboard on one side and then on the other. If everything is OK, leds will flash quickly back and forth in both cases. Do this test by first plugging the keyboard on one side and then on the other. If everything is OK, leds will flash quickly back and forth in both cases.
## Security and Safety
Some features are missing on purpose, despite the fact it would make the device easier to use or simpler to configure. Here is a quick breakdown of these decisions:
- There is no copy-paste or *any* information sharing between systems. This prevents information leakage.
- No webhid device management or any inbound connectivity from the output computers, with the only exception of standard keyboard LED on/off messages, hard limited to 1 byte of data.
- No FW upgrade triggering from the outputs. Only explicit and deliberate user action through a special keyboard shortcut may do that.
- No plugged-in keyboard/mouse custom endpoints are exposed or information forwarded towards these devices. Their potential vulnerabilities are effectively firewalled from the computer.
- No input history is allowed to be retained.
- Outputs are physically separated and galvanically isolated with a minimal isolation voltage of 2kV.
- All packets exchanged between devices are of fixed length, no code is transferred and no raw config exchange of any kind can take place.
- There is no bluetooth or wifi, networking, Internet access, usb drives etc.
- No connected computer is considered trusted under any circumstances.
- Entirety of the code is open source, without any binary blobs and thoroughly commented to explain its purpose. I encourage you to never trust anyone and always make sure you know what you are running by doing a manual audit.
This still doesn't guarantee anything, but I believe it makes a reasonable set of ground rules to keep you safe and protected.
## FAQ ## FAQ
1. I just have two Picos, can I do without a PCB and isolator? 1. I just have two Picos, can I do without a PCB and isolator?