A REALLY bad security threat: USB devices
Aug. 1st, 2014 11:16 am![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
thewayneYes, USB devices can carry malware, we all know that. This is new and different. Basically, it is not difficult to hack the hardware that controls the USB device, be it memory stick, external hard drive, or possibly smart phone or tablet. Malware injected in to the controller is pretty much undetectable, and if it can't be detected, it can't be removed.
I haven't seen reports of this problem being found in the wild, but if security researchers have found it and exploited it, there's no reason to think that bad actors such as criminals or government agencies haven't done it.
Solution? There isn't one at this time, it's too low-level of a problem like malware in hypervisors, all but impossible to detect. The best posited solution would be to apply checksums against all USB firmware, which would entail replacing all USB devices. At least you'd know if a device had been altered and was therefore untrustworthy, the question at that point would be whether the device could be remediated or should be destroyed.
http://www.wired.com/2014/07/usb-security/
https://www.schneier.com/blog/archives/2014/07/the_fundamental.html
I haven't seen reports of this problem being found in the wild, but if security researchers have found it and exploited it, there's no reason to think that bad actors such as criminals or government agencies haven't done it.
Solution? There isn't one at this time, it's too low-level of a problem like malware in hypervisors, all but impossible to detect. The best posited solution would be to apply checksums against all USB firmware, which would entail replacing all USB devices. At least you'd know if a device had been altered and was therefore untrustworthy, the question at that point would be whether the device could be remediated or should be destroyed.
http://www.wired.com/2014/07/usb-security/
https://www.schneier.com/blog/archives/2014/07/the_fundamental.html
