It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Why the Security of USB Is Fundamentally Broken

page: 2
8
<< 1   >>

log in

join
share:

posted on Aug, 3 2014 @ 04:50 PM
link   
I imagine, in the future, device manufactures will publish the official checksums of their official firmware. Then anti-virus software will have access to these checksum databases, and be able to run a checksum on the device's firmware, and check for a match. If the checksums don't match, you can assume the firmware has been compromised.

That is how the best of the best do it.
edit on 3-8-2014 by WeAre0ne because: (no reason given)




posted on Aug, 20 2014 @ 04:55 PM
link   

On tonight, live from 10PM Eastern time!

Show thread with listening information



posted on Aug, 28 2014 @ 03:17 AM
link   
A California company called Ironkey is selling USB drives that they claim are not vulnerable to BadUSB malware.

The prices are pretty outrageous though so one has to wonder if they are taking advantage of a bad situation...

Prices for a 2GB model are $92 and top $500 for a 64GB model.

Considering the fact that ordinary 64GB drives go for about $30 on Amazon, they won't be hearing from me any time soon.

FYI: I have NOT used one of these yet so this is not an endorsement of any kind.

If you do buy one make sure you use the discount on their Twitter page:


Protect against #BadUSB MALWARE with 15% off IronKey GoodUSB devices now thru Sept 15th! (US estore customers only)

twitter.com...




edit on 28-8-2014 by Murgatroid because: Added link



posted on Aug, 28 2014 @ 09:39 AM
link   
a reply to: Murgatroid


A California company called Ironkey is selling USB drives that they claim are not vulnerable to BadUSB malware.

After looking at their product (thanks for the link,) I'm reasonably sure that they are just as vulnerable as anyone else. What they've done, code signing their firmware code, is what needs to be done, but that serves no purpose if the computer operating system doesn't require the firmware code to be signed, which they currently do not.



new topics

top topics
 
8
<< 1   >>

log in

join