Date: Fri, 8 Aug 2014 14:20:21 +0300 From: Dan Carpenter <dan.carpenter@...cle.com> To: OSS Security List <oss-security@...ts.openwall.com> Subject: BadUSB discussion I'm surprised we haven't had any discussion about the recent BadUSB articles. http://arstechnica.com/security/2014/07/this-thumbdrive-hacks-computers-badusb-exploit-makes-devices-turn-evil/ http://security.stackexchange.com/questions/64524/how-to-prevent-badusb-attacks-on-linux-desktop We could put a popup if there is a second keyboard attached to check that the person controlling the existing keyboard is aware of the second one. The attack looks like someone who says, "Can you copy some files from my USB flash drive which?" (not knowing it is infected) and then there is a popup, "This newly inserted USB device is trying to type commands, is that ok? y/N?". regards, dan carpenter
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ