October 14, 2014

BADUSB Risk mitigation

I was reading about BAD USB bug:

“USB has become so commonplace that we rarely worry about its security implications. USB sticks undergo the occasional virus scan, but we consider USB to be otherwise perfectly safe until now.
This talk introduces a new form of malware that operates from controller chips inside USB devices. USB sticks, as an example, can be reprogrammed to spoof various other device types in order to take control of a computer, exfiltrate data, or spy on the user.”
is reported on the SR Labs website.

All say that is hard to prevent this kind of attack, and I undestand that from the side of USB controller they have to change something to prevent reprogramming.

I wonder anyway if is possible to prevent this kind of attacks, from computer side, in this simply way:

when an USB device is connected, the OS could ask to the user:
"have you connected an network card?"
or another example:
"the device /dev/xyz is changing from mass storage to HID device, do you want allow it?"

Click Here!