!!

Welcome Guest

You are viewing this forum as a guest therefore You are Not Allowed to Post and Reply and You are not allowed to view links. Register or Login

collapse

* Search


* Recent Replies

Creation of a Wordpress site that will allow users to login by [Not Shown, Login to View]
[Yesterday at 09:41 PM]


How to Change Site URL to Mobile Version by [Not Shown, Login to View]
[Oct 20, 2018]


e-commerce website by [Not Shown, Login to View]
[Oct 19, 2018]


How To Get Web Traffic From Social Media by [Not Shown, Login to View]
[Oct 15, 2018]


Site contributor click in Google Ads by [Not Shown, Login to View]
[Oct 14, 2018]


my first website online by [Not Shown, Login to View]
[Sep 30, 2018]


Website Showcase - Drop Your Website Link(s) Here by [Not Shown, Login to View]
[Sep 19, 2018]


How to Apply for Payoneer Card and US Payment Service to Receive Amazon & others by [Not Shown, Login to View]
[Sep 19, 2018]


Ads plugins by [Not Shown, Login to View]
[Sep 14, 2018]


European Union laws by [Not Shown, Login to View]
[Sep 14, 2018]


price for a web design project by [Not Shown, Login to View]
[Sep 12, 2018]


WordPress on whogohost by [Not Shown, Login to View]
[Sep 07, 2018]


User ID Pageviews Plugin by [Not Shown, Login to View]
[Sep 07, 2018]


facebook ads by [Not Shown, Login to View]
[Sep 07, 2018]


How to Start Amazon affiliate marketing by [Not Shown, Login to View]
[Sep 07, 2018]


Possibility of Monetizing YouTube using a Nigerian postal address,etc ? by [Not Shown, Login to View]
[Sep 07, 2018]


Can I Build an Ecommerce Site Using Blogger? by [Not Shown, Login to View]
[Sep 04, 2018]


Creating public opinion poll on a website by [Not Shown, Login to View]
[Aug 17, 2018]


Add A Second Admin To Word press Site by [Not Shown, Login to View]
[Aug 17, 2018]


Google page ranking discontinued. by [Not Shown, Login to View]
[Aug 17, 2018]


Amazon registration in becoming an affiliate 2016 by [Not Shown, Login to View]
[Aug 17, 2018]


How to become a money maker agent by [Not Shown, Login to View]
[Aug 10, 2018]


Adding Widget to Feedburner by [Not Shown, Login to View]
[Aug 02, 2018]


Am sorry for my long break,am happy am back by [Not Shown, Login to View]
[Jul 18, 2018]


Another Course Update - Introducing Fast Track M.O.B by [Not Shown, Login to View]
[Jul 17, 2018]


Pop up ads wordpress plugin by [Not Shown, Login to View]
[Jul 14, 2018]


Information on Google Adwords by [Not Shown, Login to View]
[Jul 13, 2018]


Can I embed Images in my Blog Along With Adsense? by [Not Shown, Login to View]
[Jul 13, 2018]


Amount of Disc Space for A News Site by [Not Shown, Login to View]
[Jul 13, 2018]


Which Chamber, 1, 2 or 5? by [Not Shown, Login to View]
[Jul 13, 2018]

Author Topic: USB Has a FundamentalSecurity Flaw That YouCan't Detect  (Read 470 times)

0 Members and 1 Guest are viewing this topic.

Offline [Not Shown, Login to View]

  • Level 3 (Regular)
  • ***
  • Posts: 216
  • Respect: +28
  • Gender: Male
  • Location: abuja
  • My Rank: 22
We all rely on USB to interconnect our digital lives
—-but new research first reported by Wired
reveals that there's a fundamental security flaw in
the very way that the humble Universal Serial Bus
functions, and it could be exploited to wreak havoc
on any computer.
Wired reports that security researchers Karsten
Nohl and Jakob Lell have reverse engineered the
firmware that controls the basic communication
functions of USB. Not only that, the've also written
a piece of malware, called BadUSB, that can "be
installed on a USB device to completely take over a
PC, invisibly alter files installed from the memory
stick, or even redirect the user's internet traffic."
Embedded within USB devices—from thumb drives
thorough keyboards to smartphones—is a
controller chip which allows the device and a
computer it's connected to send information back
and forth. It's this that Nohl and Lell have
targeted, which means their malware doesn't sit in
flash memory, but rather is hidden away in
firmware, undeletable by all but the most
technically knowledgable. Lell explained to Wired :
"You can give it to your IT security people,
they scan it, delete some files, and give it
back to you telling you it's 'clean... [But
these] problems can't be patched. We're
exploiting the very way that USB is
designed."
The kicker is that it's virtually impossible to check
whether a device's firmware has been tampered
with, and even if it was, there's no single trusted
version of it to check against. It's also worth
pointing out that it can travel both ways: a USB
stick could infect a computer with its malware, say,
and the PC could then infect any USB device
plugged into it.
So it's fairly worrying that the pair of researchers
have demonstrated—and will present at the
upcoming Black Hat security conference in Las
Vegas—that the flaw can be exploited on thumb
drives, mice, keyboards and even an Android
smartphone. (It should, in theory, work on any
USB device that can have its firmware
reprogrammed). Some of Wired's sources even
speculate that the hack could already be being used
by the NSA.
That's a lot of bad news—so what can you do
about it? Technically speaking, very little: there's
no patch of code that can be be used to solve the
problem. Instead, both the USB Implementers
Forum and the researchers point out that a change
in the way we use USB is the only solution: don't
plug a USB device into any computer you don't 100
percent trust, and don't plug untrusted USB device
into your computer either. That may prove
inconvenient—but it may also save you from a
very nasty surprise, too


moving to greater height

 

Related Topics

  Subject / Started by Replies Last post
7 Replies
1643 Views
Last post Apr 26, 2014
by [Not Shown, Login to View]

TinyPortal © 2005-2011
SimplePortal 2.3.5 © 2008-2012, SimplePortal