Posts Tagged


Mouse and Rat Buttons

Elizabeth Technology January 31, 2022

ONE EXTREME: Mad Catz R.A.T Gaming Mouse.

Look at it. It’s got three whole tension wheels on it. There’s a rocker switch and a two-button switch on the side, there. Look at it. Look at it! Control the angle at which it’s puny body supports your hand!

This mouse costs nearly $170, and it’s marketed towards gamers – presumably, the less you have to move your hands, the faster you are. Games that require you to let go of the directional keys to activate an item are no longer sandbagging on you! Just bind one of it’s thirteen buttons to the item slot, and you’re good to go!

Alternatively, binding excel shortcuts to this would be sick. No more struggling to remember the exact set of keys to press to get CONCAT or SUM open. Just hit the red button on the side.

This mouse is basically a controller, and treating it like it’s for everyday use is dishonest. It happens to overlap functions with a mouse, but you could also play Minecraft entirely with control buttons set by this monster. Probably.

The OTHER EXTREME: Mac Magic Mouse

It’s a mouse distilled down to its most basic, essential functions. You move with it, you select your clickable item, and then you click it. No third click. No wheel click. Oversized hands are not their target audience. You will not be able to scroll between items in World of Warcraft with Apple’s simplest mouse. You will be forced to manually select it. No frills. None. There are TWO buttons.

This is not every Mac mouse – the Apple Mouse, their standard mouse, has a scroll wheel. This mouse is just incredibly simple. It’s nearly the simplest a mouse can get without needing a companion controller. Nearly. But not quite. It also costs 75$. That’s not quite the button-to-price ratio you’d expect from the Mad Cat RAT.


The trackpad is a built-in mouse system, and it means that users don’t need a peripheral. The Dell ThinkPad used to have what was called a TrackPoint, the orange or red button in the middle of the keyboard that behaved as a mouse. It was far from perfect, but it was very fast, and didn’t require users to move their hands far from the center of the keyboard.

 It’s primary competitor, the trackpad, was much more successful. The trackpad is the simplest option. It comes with the computer – you can buy one separately if you really want one for your desktop, or buy a keyboard that comes with it attached.

There’s no middle click, because there’s no scroll wheel. It doesn’t skate, but clicking and dragging is more of a pain.

Besides that, the location of the trackpad can sometimes get in the way of people used to typing on regular keyboards. If you rest your hands near the middle naturally, you’ll end up grazing the trackpad constantly. The convenience of not having to fish a Bluetooth mouse out of your bag every time you want to open your computer should outweigh the negative of having to re-learn your hand positions.


Software’s only gotten better as time goes on. Behold, the touchscreen: no buttons at all. Press for right click, press and hold for left. No scroll wheel, which can get annoying on recipe sites and the like, but everywhere else? It’s functional. Most websites began designing touch-screen friendly experiences around the time the iPhone went from ‘novelty’ to ‘revolutionary’. Very rarely do you see a site with

 Touch screen. The final barrier, the last ladder rung, to a completely touchless experience.

Perfect Middle: A regular mouse

The average mouse has three buttons on it: there’s right click, left click, and the scroll wheel. Some have volume or page control on the sides, but if you’re used to holding the sides of a mouse to move it, this will be more annoying than convenient. Bluetooth or cabled mice are excellent choices if you find yourself doing a lot of clicking and dragging. Remember: the only wrong mouse is the mouse you don’t enjoy using!


Razer Mouse Driver Causes Breach

Elizabeth Technology January 19, 2022


Peripherals. Your keyboard, mouse, drawing pad, Apple Pen, game controller, and more are considered peripherals. Peripherals, by their nature, don’t have much computer power inside them – generally, they have just enough to do their job and not more. In terms of hacking, they aren’t quite as vulnerable as IoT items because they’ve been in the computer world for much longer.

That doesn’t mean that it’s impossible, it just means that other targets are often easier – and other methods, such as hiding a hacking device in a corded mouse’s plug in a la the Juice Jacker are easier than trying to get in on a device’s protected Bluetooth connection.

However, some peripheral devices require things like drivers. Drivers are programs that give the computer instructions for how the device is supposed to work. A computer won’t know how a specific drawing tablet works until that drawing tablet is hooked up and the drivers downloaded, and a Dell won’t understand the Apple Pen without it’s related software. However, most mice and most keyboards don’t take any drivers because they’re so common that computer manufacturers assume they’re a given, and so the instructions for how the computer is meant to interpret the commands are already programmed in. It’s why you can just plug and go for most Bluetooth mice.

In this case, Razer’s mouse was so complicated that it took a driver to use to its fullest extent. It could change the color of its internal LEDs, and the computer didn’t have the built-in instructions to understand those commands. Downloading that driver is what presents the vulnerability!

The Flaw

Razer’s mouse doesn’t magically make the user an admin just by plugging it in – the end user still has to know what they’re looking at. The way Razer peripherals work, plugging one in downloads the drivers that specific device needs. To do so, it opens up a Wizard, and if you catch it when it asks you where you want to save the file, you can (or could) left-click and open PowerShell. Now you have access to PowerShell, one of Microsoft’s automation and task frameworks, without needing to get the administrator’s permission first. And PowerShell has admin privileges by its nature! Now that it’s been opened up, even previously limited or restricted profiles can access and change settings within the computer as though it were an admin, something it couldn’t have done without Razer’s Wizard.

This is a pretty big flaw.

The issue is that the file’s set-up is asking the user where they want to put their file, instead of stuffing it in the drive in its own folder or on the desktop by default, like many programs do. Or, alternatively, the computer shouldn’t have allowed the driver + Wizard download without admin permission in the first place!  

This is a big flaw. However – it also means that any malicious user would still have to get access to the computer, either physically or remotely, so while it’s a vulnerability if the person with the driver is in the physical location of an unlocked, open computer (or manages to scam their way into remote control of one), it’s not necessarily time to toss the Razer mice.


Razer peripherals are generally marketed towards gamers, but they can be used as regular device peripherals too. They’re sort of expensive to buy as just a mouse, and their especially great precision is designed for games, not Excel sheets, so many people (and many businesses) would prefer to use something lighter and cheaper for their office computers. Why bring an 18-wheeler to something if a simpler pickup truck will do the trick, right? The same goes for their gaming chairs, computers, keyboards, etc. – if something is perfectly designed for gaming, it can also do office stuff, but that would look and feel sort of ridiculous.

Razer’s whole image is the scorpions and snakes, green and black, Matrix, high-tech imagery. They may occasionally sell multipurpose stuff, but their marketing is overwhelmingly towards gamers, promising them the top-of-the-line peripherals with accuracy and speed that plain Dell or third-party peripherals can’t always deliver.  

The company knows this. Razer, understanding that their main function is ease-of-use and not security, may overlook basic security flaws every once and a while, and I don’t really blame them for missing something like this while testing – after all, Windows itself should have protested the download, too, right?