USB Security (or Lack Thereof) Is A Major Problem

What’s the Latest?

Most people are aware of the risk they take regarding viruses and malware when trading USB drives. But as two major tech security researchers have determined, the dangers presented by malware stored in a the device’s memory isn’t as massive as the potential malware stored within the structure of the device’s operating technology. To demonstrate this, Karsten Nohl and Jakob Lell created a piece of malware called BadUSB that is designed to wreak total havoc on a personal computer.

From Wired:

“Because BadUSB resides not in the flash memory storage of USB devices, but in the firmware that controls their basic functions, the attack code can remain hidden long after the contents of the device’s memory would appear to the average user to be deleted.”

What’s the Big Idea?

As Wired reports, Nohl and Lell will present findings about the fundamental flaws in USB security later this week. Their BadUSB experiment proved that no form of computer security can combat USB-exploiting malware. Simply put, USB as a design is hopelessly defective.

Their findings, certainly not the first to point out the weaknesses of USB, could signal the end of the technology as a whole. It’s not just memory sticks and external hard drives at risk; your keyboard, mouse, and iPod charger could all harbor dangerous malware capable of hijacking your computer. That BadUSB can spread undetected makes it a potential national security risk — it’s only a matter of time before government agencies and legislators get involved here. Keep an eye out for more on this story as it develops.

Check out the terrific story on Wired (linked below) and let us know what you think.