Sci/Tech Massive, undetectable security flaw found in USB: Time to get your PS/2 keyboard out of the cupboard

tom_mai78101

The Helper Connoisseur / Ex-MineCraft Host
Staff member
Reaction score
1,632
Security researchers have found a fundamental flaw that could affect billions of USB devices. This flaw is so serious that, now that it has been revealed, you probably shouldn’t plug a USB device into your computer ever again. There are no known effective defenses against this variety of USB attack, though in the future (months or years, not days) some limited defenses might be possible. This vulnerability, which allows any USB device to take over your computer, mostly exists due to the USB Implementers Forum (the USB standards body) eschewing security in favor of maximizing the versatility, and thus the massively successful adoption, of USB. The USB IF itself notes that your only defense against this new attack vector is to only use USB devices that you 100% trust — but even then, as we’ll outline below, this won’t always protect you.

This flaw, dubbed BadUSB by Security Research Labs in Berlin, leverages the fact that every USB device has a controller chip. Whether it’s your PC, smartphone, external hard drive, or an audio breakout box, there’s a USB controller chip in every device that controlsthe USB connection to other devices. It turns out, according to SR Labs, that these controllers have firmware that can be reprogrammed to do a whole host of malicious things — and, perhaps most importantly, this reprogramming is almost impossible to detect.

Read more here. (ExtremeTech)
 

Narks

Vastly intelligent whale-like being from the stars
Reaction score
90
but how do you know that without plugging it in?

as a side-note, does this controller flaw affect all flavors of USB? (1.0, 1.1, 2.0, 3.0, 3.1)?
The point is that if most USBs are immune, most attackers won't bother.
 

Slapshot136

Divide et impera
Reaction score
471
The point is that if most USBs are immune, most attackers won't bother.

the preferred strat is to drop off a known infected flash drive near the parking lot of an office, so that an employee will see it, pick it up, and plug it into their work PC - and from there wreck havoc - the flash drive can be chosen in advance such that it supports firmware re-writes/hacking

it's similar to wifi cards - most don't support monitor mode, but that doesn't really deter attackers, since they can still get access to those that do what they want
 
Last edited:
General chit-chat
Help Users
  • No one is chatting at the moment.

      The Helper Discord

      Members online

      No members online now.

      Affiliates

      Hive Workshop NUON Dome World Editor Tutorials

      Network Sponsors

      Apex Steel Pipe - Buys and sells Steel Pipe.
      Top