12 October 2014

Unfixable USB Exploit Could Lead To Unpatchable Malware To USB Devices

Is this could be the "end" of USB ports? Recent tech news surfaces security threat particularly on any USB supported device. Yes, there is a new exploit on USB that shows how its security is fundamentally broken.
First Security Researcher
In a Black Hat security conference in Las Vegas, Karsten Nohl, a security researcher, exploited first detailed vulnerability of the USB. He also feared that the exploit was UNPATCHABLE.

Image: gadgetsmagazine.com.ph
Reverse-engineered the first code
Two months ago, Nohl demonstrated an attack and he called it BadUSB. He showed possible ways to corrupt any USB device with undetectable malware. Realizing the severity of the security problem, Nohl did not release code to public.

However, two researchers, Adam Caudill and Brandon Wilson, have successfully reverse-engineered the BadUSB code and published the code on Github in order to raise stakes among USB makers to fix the problem.

How exploit works?
The exploit code gains control in the USB controller memory and hides with malware USB drive. For now, there is no way for a user to remove it.

It basically needs a new security architectural design feature to allow USB manufacturer's signature to alter the controller's code.

The bad news is: it will not sort things up, instead, it is advised to replace them. According to Geek, it will take more years to fully fix the devices.

How USB Ports work?

USB or Universal Serial Bus port is a standard cable connection between computers and devices. USB is also an industry standard for data communications. It is very useful in transferring data between two devices. The usb ports can supply power on devices without their own power source like flash drive.

While USB gives single yet standardized-easy-to-use way to connect devices and to transfer data between them. This exploit could be a messy.
Is this the end of USB era?


Featured Offers: