Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Inconsistencies in manufacturing could make thumb drives insecure

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

November 18, 2014

Click here to order the best deal on a HP enterprise dedicated server and at a great price.

These days, traditional USB thumb drives are so inconsistently manufactured that it is all but impossible to know for sure if any unit could be reprogrammed to take over computers and could cause significant security breaches, researcher Karsten Nohl says.

The conditions that determined if a unit could be hacked varied not only between vendors but also within product unit lines due to manufacturers buying different hardware components caused by widely fluctuating prices.

In a presentation at the recent Pacific Security Conference in Japan, Nohl and fellow SR Labs researchers Sasha Kribler and Jakob Lell revealed more information into the attacks known as Bad USB.

"As long as USB controllers are reprogrammable, USB peripherals should not be shared with others," the security team said.

"Once infected through USB, malware can use peripherals as a hiding place, hindering system clean up," added Nohl.

They examined about 60 chip families from USB vendors Phison, Alcor, Renesas, ASmedia, Genesys Logic, FTDI, Cypress and Microchip.

They found Phison chips the most vulnerable, along with the new USB 3.0 line from Genesys Logic, while none disabled the reprogramming vector.

It was bad news for the most security conscious organizations and individuals, but good news for attackers, notably given the release in October of the Bad USB attack code.

Worse, they said Android phones were the simplest BadUSB attack platforms due to its pre-configured ethernet over USB setup.

The security team also detailed attacks from booting with hidden rootkits using a BadUSB that could undermine Windows, Mac and Linux operating systems, and a large number of similar attacks including keyboard emulation and network card spoofing.

To be sure, security company Ironkey was the only known USB vendor to protect against such reprogramming.

There was no real defence against BadUSB other than disabling the firmware updates in the hardware, a feat restricted to new devices, and by pouring glue into USB ports which had obvious usability issues.

Whitelisting USBs was hindered due to the lack of serial numbers and mechanisms to apply the security measures, while malicious firmware could easily spoof its legitimacy to foil malware scans.

Firmware code signing could still permit unauthorized firmware upgrades, and was problematic on smaller devices.

It took the security team two months to document, reverse engineer and patch the USB firmware processes, a system which they said may also fit similar analysis for web cams and other peripherals.

Source: The Pacific Security Conference in Japan.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer