Re: BadUSB discussion

[John Haxby <john.haxby () oracle com>]

On 08/08/14 12:20, Dan Carpenter wrote:
> The attack looks like someone who says, "Can you copy some files from
> my USB flash drive which?" (not knowing it is infected) and then there
> is a popup, "This newly inserted USB device is trying to type commands,
> is that ok?  y/N?".

That's all very well, but:

> One of the attacks involves a USB stick that acts as three separate
> devices -- two thumb drives and a keyboard. When the device is first
> plugged into a computer and is detected by the OS, it acts as a regular
> storage device. However, when the computer is restarted and the device
> detects that it's talking to the BIOS, it switches on the hidden storage
> device and also emulates the keyboard, Nohl said.
>
> Acting as a keyboard, the device sends the necessary button presses
> to bring up the boot menu and boots a minimal Linux system from the
> hidden thumb drive. The Linux system then infects the bootloader of the
> computer's hard disk drive, essentially acting like a boot virus, he said.


From
http://www.infoworld.com/d/security/most-usb-thumb-drives-can-be-reprogrammed-infect-computers-247489
via http://catless.ncl.ac.uk/Risks/28.14.html#subj6.1 (which seems to be
down at the moment).

The vulnerabilities aren't restricted to thumb drives.  If there's room
for a 1-wire chip in an Apple Lightning connector
(http://www.chipworks.com/en/technical-competitive-analysis/resources/blog/inside-the-apple-lightning-cable/)
then there's room for a lot more in the USB connector.  Borrowing a
cable to charge your mobile phone could become a risky business.

jch