Date: Fri, 08 Aug 2014 13:36:36 +0100 From: John Haxby <john.haxby@...cle.com> To: oss-security@...ts.openwall.com Subject: Re: BadUSB discussion On 08/08/14 12:20, Dan Carpenter wrote: > The attack looks like someone who says, "Can you copy some files from > my USB flash drive which?" (not knowing it is infected) and then there > is a popup, "This newly inserted USB device is trying to type commands, > is that ok? y/N?". That's all very well, but: > One of the attacks involves a USB stick that acts as three separate > devices -- two thumb drives and a keyboard. When the device is first > plugged into a computer and is detected by the OS, it acts as a regular > storage device. However, when the computer is restarted and the device > detects that it's talking to the BIOS, it switches on the hidden storage > device and also emulates the keyboard, Nohl said. > > Acting as a keyboard, the device sends the necessary button presses > to bring up the boot menu and boots a minimal Linux system from the > hidden thumb drive. The Linux system then infects the bootloader of the > computer's hard disk drive, essentially acting like a boot virus, he said. From http://www.infoworld.com/d/security/most-usb-thumb-drives-can-be-reprogrammed-infect-computers-247489 via http://catless.ncl.ac.uk/Risks/28.14.html#subj6.1 (which seems to be down at the moment). The vulnerabilities aren't restricted to thumb drives. If there's room for a 1-wire chip in an Apple Lightning connector (http://www.chipworks.com/en/technical-competitive-analysis/resources/blog/inside-the-apple-lightning-cable/) then there's room for a lot more in the USB connector. Borrowing a cable to charge your mobile phone could become a risky business. jch
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ