Researchers uncover fundamental USB security flaw, no fix in sight

Ugh, this doesn't really affect many people unless people have a tendency to let people they don't know use USB thumb drives on their PC. Took them how many years since the introduction of USB to find this flaw? These people are slacking.
Yeah, I suspect my USB3 external drive has been compromised for a very long while now. I use a powerful cleaning program and each time I clean the drive the same files always appear to be deleted, but then they return and they can't even be found on the drive. I got hacked bad a couple of months ago too.
Technically speaking, if you infect one USB device with code which is capable of directly infecting others via the USB controller, then there is no other protection than having USB devices where the firmware can't be updated or a mechanical switch has to be used to allow FW writes. And then one borrowed USB from a friend = all yours infected.
Would a magnet work?
Would a magnet work?
To do what exactly? It isn't a HDD; chips will be vulnerable to ESD, not magnetic fields 🙂 Basic lowdown: if this comes to light, everything that accepts USB will be vulnerable... from consoles to phones.
Would a magnet work?
A very heavy one yea 😉
I read this some months ago. Some USB controllers on USB drives are programmable. So you should first program a USB drive's firmware with this malicious program, which then has to reprogram other USB drives that are inserted into that PC to spread itself. I don't think antivirus cannot catch them, once that malicious software is on the PC it is normal software, it is no more on firmware level. So just the PC is infected and the antivirus has to clean it.
For any of this to happen the controller OpRoms would first have to be flashed with malicious firmware......
For any of this to happen the controller OpRoms would first have to be flashed with malicious firmware......
Yes, and now there is a good question: "How many of them are flashable?" I can guess most HDD/SSD based controllers are. I believe not many classical flash drives' FW can be altered. And then there is another question: "Are they flashed in the same way, or does every manufacturer use very different commands to alter their FW?" For this one I do not know the answer at all, as I have not read the USB standard stuff. But if flashing is part of the USB standard and manufacturers adhere to it, then such a virus can be very effective in multiplication.
Oproms on controllers attached to the SB can be flashed easily. Anything on the NB I think would take a BIOS flash. That's a guesstimate. edit* yep confirmed^.
And the USB foundation/implementers/council never even bothered to rectify this all this while or they just don't care or they are just plain clueless on this? And this isn't first time news about loopholes in the USB standard has come to light. Slacking indeed!
This USB exploit is offering millions of ways for implementing some kind of spyware/malware into Firmware/BIOS of almost any kind of USB devices (and any other non-USB programmable controllers) with some kind of storage controller inside. Now just think a little that almost all of devices and chips of this type are manufactured or assembled in China. Are they (China's government/secret services) going to abuse this exploit to spread some kind of spyware via USB flash-drives, external USB HDD's, controller chips/devices.... Noooo, sure they wouldn't 😇 I think this exploit exists for God knows how many years. No one knows exactly how many USB storage and similar devices are silently infected with some kind of spyware crap. With releasing this in public SR Labs just released the beast and now every government with IT factories on their ground is going to think about abusing this exploit for... imagination is your only limit. Now to put back on my tin foil hat... 🙂
Hmm, I wonder how Linux based computers will react to this, and the same goes for Macs as well since they use similar security measures. Are there any security measures that we can take to avoid this until they can find a fix for it? Also, to me this is the ultimate computer breaker, because to me infected users of this flaw will be forced to purchase a new motherboard and USB devices.
This USB exploit is offering millions of ways for implementing some kind of spyware/malware into Firmware/BIOS of almost any kind of USB devices (and any other non-USB programmable controllers) with some kind of storage controller inside. Now just think a little that almost all of devices and chips of this type are manufactured or assembled in China. Are they (China's government/secret services) going to abuse this exploit to spread some kind of spyware via USB flash-drives, external USB HDD's, controller chips/devices.... Noooo, sure they wouldn't 😇 I think this exploit exists for God knows how many years. No one knows exactly how many USB storage and similar devices are silently infected with some kind of spyware crap. With releasing this in public SR Labs just released the beast and now every government with IT factories on their ground is going to think about abusing this exploit for... imagination is your only limit. Now to put back on my tin foil hat... 🙂
Anti virus scans might not pick it up, but a good firewall might give you an indication of something that isn't right.
What's stopping the USB FW from being read\scanned when it's inserted in a port?
What's stopping the USB FW from being read\scanned when it's inserted in a port?
Nothing, but it won't be detected because of the way it is hidden.
Wilders thread to follow: http://www.wilderssecurity.com/threads/this-thumbdrive-hacks-computers-badusb-exploit-makes-devices-turn-evil.366653/
Before you start panicking and throwing away your peripherals, there are a few caveats to the research.

1. Not every USB chip

Firstly, this attack will not work on all USB chips automatically – it appears to be vendor specific, and while there are a limited number of USB silicon suppliers, there's still a lot of chip models to tackle. Every chipmaker designs their controllers differently. For Black Hat, we're told the following three attack devices will be demonstrated; these gadgets use chips made by Phison, which typically use 8051 micro-controllers:

- A USB thumb drive that rapidly injects key-presses to download and run malicious software before the user can stop it. This is triggered by plugging the device into the PC.
- A USB thumb drive that boots the PC, tampers with the operating system installation to cause further misery, and then boots the machine proper.
- A USB thumb drive that announces itself as a network card, allowing it to reconfigure the machine's DNS settings to redirect internet traffic into hackers' hands.

Earlier this year, at Shmoocon 2014, Richard Harman gave a presentation on his research into analyzing USB micro-controllers and studying their firmware and security features. Phison, he pointed out, has a tool called MPAll which allows firmware to be rewritten – although it's hard work crafting a working rogue firmware as the chip internals aren't documented.

2. Security versus cost

Secondly, it may be possible for device manufacturers to deal with these problems themselves. Controllers could be designed to only accept new firmware that is cryptographically proven to be legit, for example, but that would increase the complexity and the cost of these cheap-as-pennies chips. There is, though, room for increased security, we're told.
http://www.theregister.co.uk/2014/07/31/black_hat_hackers_drive_truck_through_hole_in_usb_security/
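
The demo devices in the quoted Register text are thumb drives that enumerate as a keyboard or a network card. As an added example (not from this thread, the article, or SR Labs), here is a host-side check that parses a raw USB configuration descriptor and flags interface classes a thumb drive has no reason to declare. The descriptor bytes are constructed sample data and the function names are hypothetical.

```python
import struct

DT_CONFIG, DT_INTERFACE = 0x02, 0x04
MASS_STORAGE, HID, CDC = 0x08, 0x03, 0x02   # USB-IF base class codes
CLASS_NAMES = {HID: "HID", CDC: "communications/network (CDC)",
               0x0A: "CDC data", 0xE0: "wireless controller"}

# Constructed sample data: a plain flash drive (one mass-storage interface) ...
PLAIN_DRIVE = bytes.fromhex(
    "0902200001010080fa"    # configuration header, wTotalLength = 32
    "090400000208065000"    # interface 0: mass storage, SCSI, bulk-only
    "07058102000200" "07050202000200")   # bulk IN / bulk OUT endpoints
# ... and the same drive also declaring a boot-protocol keyboard.
DRIVE_PLUS_KEYBOARD = bytes.fromhex(
    "0902390002010080fa"    # configuration header, wTotalLength = 57
    "090400000208065000" "07058102000200" "07050202000200"
    "090401000103010100"    # interface 1: HID, boot subclass, keyboard
    "092111010001223f00" "0705830308000a")  # HID descriptor, interrupt IN


def parse_interfaces(config: bytes):
    """Return (class, subclass, protocol) for each interface descriptor."""
    if len(config) < 9 or config[1] != DT_CONFIG:
        raise ValueError("not a configuration descriptor")
    total = struct.unpack_from("<H", config, 2)[0]
    if total > len(config):
        raise ValueError("descriptor set is truncated")
    found, off = [], 0
    while off < total:
        length = config[off]
        # A zero or overlong bLength would loop forever or read out of bounds.
        if length < 2 or off + length > total:
            raise ValueError(f"malformed descriptor at offset {off}")
        if config[off + 1] == DT_INTERFACE:
            if length < 9:
                raise ValueError(f"short interface descriptor at offset {off}")
            found.append(tuple(config[off + 5:off + 8]))
        off += length
    return found


def unexpected_interfaces(config: bytes, allowed=frozenset({MASS_STORAGE})):
    """Name every interface outside the role the user expects of the device."""
    findings = []
    for cls, _sub, proto in parse_interfaces(config):
        if cls in allowed:
            continue
        name = CLASS_NAMES.get(cls, f"class 0x{cls:02x}")
        findings.append("HID keyboard" if (cls, proto) == (HID, 1) else name)
    return findings
```

This only inspects what the device declares at enumeration; it says nothing about the firmware itself, so it works as an allowlist policy on device roles rather than as a firmware scanner.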
I've written this post 3 times now and keep getting the damn login timeout and my stuff deleted, so I'm not going to rewrite it. The Wired article is vague and very unspecific. PCs cannot be controlled by firmware on another device in the way Wired would have you believe. It's just not that simple. This appears to be sensationalist click bait material.
I see only one possibility for a USB chip to perform malware actions - to merge malware code into the exe- or dll-images stored on USB storage. And to merge code into a bin-image, a USB chip's firmware should be able to parse the file system on its storage.