Bug #3835
investigate BadUSB attack
| Status: | New | Start date: | 10/02/2014 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | Spent time: | - | |
| Target version: | - | |||
| Component: |
Description
There was a lots of hype about the BadUSB exploit:
- http://www.wired.com/2014/07/usb-security/
- http://www.wired.com/2014/10/code-published-for-unfixable-usb-attack/
There is lots of talk about it being impossible to scan for malware that uses this exploit, or remove it. But that seems dubious. If you can flash a microcontroller, you can re-flash a microcontroller. And you can usually read the firmware from the microcontroller as well. Sounds like the worst attack a bad USB can do it output stuff as if it was a keyboard and/or mouse. But that would clearly show up in the UI of the machine its plugged into.
History
#1 Updated by patcon almost 3 years ago
Still waiting for feedback, but might be one mitigation measure, at least for a USB device connected to Tails, if not for the Tails USB itself.