Story 2014-08-01 3S5 USB vector for computer viruses

USB vector for computer viruses

by
in security on (#3S5)
story imageAn interesting discussion appeared on MacRumors today pointing to the work of security researcher Karsten Nohl of Berlin's SR Labs. He has discovered an attack vector exploiting the firmware of generic USB devices. It appears that with the vector involves reprogramming the USB controller software for arbitrary devices which can than emulate other devices to cause a large variety of undesired outcomes (such as emulating a keyboard to type on behalf of a user or spoofing a network card and redirecting web traffic). At present, this attack vector appears to be impossible to prevent or detect with existing software-only security measures. A more detailed discussion of Nohl's work and the associated risk are available from Wired or the SR Labs website itself.

A notable quote from the Wired article:
"Blaze speculates that the USB attack may in fact already be common practice for the NSA. He points to a spying device known as Cottonmouth, revealed earlier this year in the leaks of Edward Snowden. The device, which hid in a USB peripheral plug, was advertised in a collection of NSA internal documents as surreptitiously installing malware on a target’s machine. The exact mechanism for that USB attack wasn’t described. I wouldn’t be surprised if some of the things [Nohl and Lell] discovered are what we heard about in the NSA catalogue....The alternative is to treat USB devices like hypodermic needles."
Reply 1 comments

Warning: Cannot modify header information - headers already sent by (output started at /var/www/pipedot.org/lib/tools/tools.php:2702) in /var/www/pipedot.org/lib/tools/tools.php on line 1524

Warning: Cannot modify header information - headers already sent by (output started at /var/www/pipedot.org/lib/tools/tools.php:2702) in /var/www/pipedot.org/lib/tools/tools.php on line 1533

Warning: Cannot modify header information - headers already sent by (output started at /var/www/pipedot.org/lib/tools/tools.php:2702) in /var/www/pipedot.org/include/common.php on line 80

Warning: Cannot modify header information - headers already sent by (output started at /var/www/pipedot.org/lib/tools/tools.php:2702) in /var/www/pipedot.org/include/common.php on line 82
Fatal Error - sql [select reason, count(reason) as reason_count, value from comment_vote where comment_id = ? group by reason order by reason_count desc] arg [2859] msg [SQLSTATE[42000]: Syntax error or access violation: 1055 Expression #3 of SELECT list is not in GROUP BY clause and contains nonaggregated column 'pipedot.comment_vote.value' which is not functionally dependent on columns in GROUP BY clause; this is incompatible with sql_mode=only_full_group_by] - Pipedot
Fatal Error
sql [select reason, count(reason) as reason_count, value from comment_vote where comment_id = ? group by reason order by reason_count desc] arg [2859] msg [SQLSTATE[42000]: Syntax error or access violation: 1055 Expression #3 of SELECT list is not in GROUP BY clause and contains nonaggregated column 'pipedot.comment_vote.value' which is not functionally dependent on columns in GROUP BY clause; this is incompatible with sql_mode=only_full_group_by]