now browsing by tag
A newly discovered fundamental flaw in USB design means increased security risks for PC users. The issue derives from the fact that USB, by design, is incredibly versatile. The designers of USB technology (the USB Implementers Forum) sacrificed security in favor of versatility.
Essentially the flaw, dubbed BadUSB by Security Resarch Labs in Berlin, takes advantage of the fact that every USB device has a controller chip to manage the connection between your computer and your device. The controllers have firmware which can be reprogrammed to change the function of the device. This reprogramming can do a whole host of malicious things and is almost impossible to detect. More importantly there doesn’t appear to be an immediate fix.
Read the rest of this page »