You have to “reset” the keyboard (which is noticable, because the keyboard will stop responding for a very short time) and press the prog key long enough. For this type of attack to work, the user would need to hold the prog key long enough that the keyboard can be reset, and the flashing to start. While not an impossible scenario, it is quite unlikely to happen.
The scenario is made even more unlikely because with the factory firmware, the
Prog key generates no keycode, the host has no way of knowing when it was pressed. Even if you hold it, the host still does not see anything. And to flash a firmware, it needs to reset the keyboard, and that would be noticable.
It has to be held down while the keyboard boots into programmable mode. I’d say that it is a significant amount of time, but that’s just an opinion. I certainly had to hold it longer than I’d normally hold a key during normal typing. But then, I didn’t have an active program spying for a
Yes, the Prog key starts to flash in wild colors, and the keyboard is unusable while the flashing takes place.
You can reflash the factory firmware. You can also prevent the keyboard from doing malicious things by repeatedly hitting the reset knob (under the left enclosure), which prevents the malicious firmware from booting, and allows you to re-flash the keyboard with the factory firmware.
To some extent, yes. It is possible to get the keyboard into a state where the
Prog button will not work anymore, and it can’t be reflashed. Opening it up, and pressing the reset knob will put it into a programming mode so you can restore a working firmware.
Technically, if you have physical access and a programmer device, you can re-flash the bootloader, and brick the keyboard so hard that it becomes near impossible to restore without similar tools. But just with bad firmware, unless you find a way to damage the hardware from within the code, nope, it should not be possible to brick the keyboard.