Date: Fri, 08 Aug 2014 13:36:36 +0100
From: John Haxby <john.haxby@...cle.com>
To: oss-security@...ts.openwall.com
Subject: Re: BadUSB discussion

On 08/08/14 12:20, Dan Carpenter wrote:
> The attack looks like someone who says, "Can you copy some files from
> my USB flash drive which?" (not knowing it is infected) and then there
> is a popup, "This newly inserted USB device is trying to type commands,
> is that ok?  y/N?".

That's all very well, but:

> One of the attacks involves a USB stick that acts as three separate
> devices -- two thumb drives and a keyboard. When the device is first
> plugged into a computer and is detected by the OS, it acts as a regular
> storage device. However, when the computer is restarted and the device
> detects that it's talking to the BIOS, it switches on the hidden storage
> device and also emulates the keyboard, Nohl said.
> 
> Acting as a keyboard, the device sends the necessary button presses
> to bring up the boot menu and boots a minimal Linux system from the
> hidden thumb drive. The Linux system then infects the bootloader of the
> computer's hard disk drive, essentially acting like a boot virus, he said.


From
http://www.infoworld.com/d/security/most-usb-thumb-drives-can-be-reprogrammed-infect-computers-247489
via http://catless.ncl.ac.uk/Risks/28.14.html#subj6.1 (which seems to be
down at the moment).

The vulnerabilities aren't restricted to thumb drives.  If there's room
for a 1-wire chip in an Apple Lightning connector
(http://www.chipworks.com/en/technical-competitive-analysis/resources/blog/inside-the-apple-lightning-cable/)
then there's room for a lot more in the USB connector.  Borrowing a
cable to charge your mobile phone could become a risky business.

jch
