The original half of the USB is unsafe

At the August Black Hat security conference, Nohl demonstrated the BADUSB attack, the principle of using USB control chip firmware can be reset this vulnerability to attack. This means that a USB controller can be infected with malware, virus files, and can send commands, steal files, or install malware by simulating a USB hard drive.

At the pacsec security conference in Tokyo, computer hacker Karsten Nohl unveiled the latest developments in its BADUSB study. They simulated attacks on the USB controllers of the eight vendors to see if the chips could withstand the attack. The test results showed that only half of the chips could be immune to the virus. and ordinary consumers by their own force, it is impossible to tell whether the USB chip is safe.

"Unlike when you insert a flash drive into a computer, the computer will automatically identify the source of the chip, and it's not easy to tell if the USB device is safe," Nohl said. ”

The problem now is that Nohl's research data does not seem to bring good news. Unlike computer manufacturers, USB device manufacturers do not label manufacturers on their chips. Even with the same product, they often choose the cheapest suppliers based on the price of the chip. In a USB chip analysis at the ShmooCon security conference earlier this year, security researchers found that Kingston uses USB chips produced by several companies. "The USB controller used in the Kingston USB drive may come from any one of these 5 or 6 suppliers," Nohl said.

To resolve the BADUSB vulnerability, the USB manufacturer is first required to clearly identify the new source of use. Creating a chip-marking system is difficult, making it trickier to resolve BADUSB security vulnerabilities. Thus, at the Black Hat Convention, Nohl did not publish BADUSB code to prevent malicious hackers from stealing the use. But two other independent engineers have "reverse-engineered" the Badusb and published their own BADUSB code to facilitate further research and pressure on manufacturers.

Currently has Imation company's USB manufacturer Ironkey, requests its USB flash drive firmware Upgrade all must use the not to forge the password to protect it, prevents the malicious tampering. Hopefully there will be more USB manufacturers doing so.

Nohl said that although some of the cost considerations, in the production of chips can not be rewritten, they are not easy to attack, but "any can be rewritten chips, are vulnerable to BADUSB threat."

There have been comments that Nohl's initial BADUSB study was narrowly limited to chip maker Phison, and its latest findings are a powerful rebuttal to the criticism. If the long-term vision, Nohl said that in view of the USB chip cohabitation, USB equipment industry is not transparent, the market every USB device may have this vulnerability.

Some people have accepted the fact that "USB device is unsafe", while others are still in the impression that "the BADUSB problem is only a Phison company's product loophole", they should be more alert and recognize the problem.