Call Search

New to Ham Radio?
My Profile

Friends Remembered
Survey Question

DX Cluster Spots

Ham Exams
Ham Links
List Archives
News Articles
Product Reviews
QSL Managers

Site Info
eHam Help (FAQ)
Support the site
The eHam Team
Advertising Info
Vision Statement

donate to eham
   Home   Help Search  
Pages: [1]   Go Down
Author Topic: All USB ports vulnerable to unstoppable Hack  (Read 3456 times)

Posts: 5557

« on: October 06, 2014, 01:28:44 PM »

You might have heard about this last week, but now it has been released to the public.

I suggest if you own a company you seriously consider the fact that any employee could have this code on a USB thumb drive and it will not be detected by any firewall or antivirus software on your network.


“A lie can travel half way around the world while the truth is putting on its shoes.”  (Mark Twain)

Posts: 141

« Reply #1 on: October 06, 2014, 03:08:58 PM »

I've seen articles that mention "malicious code;" but it appears they're referring to the phoney code programmed on the USB stick that makes the device be recognized as something it's not, opposed to actual code sent to the PC.

The news articles on this topic are rather vague. I don't doubt the threat to be serious, though. I'm sure there's many devices I have not thought of that could be improperly recognized which I wouldn't want connected to my PC. Some devices that come to mind, could pretend to be a USB:

- wired network card which begins intercepting/sending/receiving/analyzing/altering network traffic
- keyboard that can attempt passwords at blazing speeds
- sound card which can hear what's being played on the PC
- video OUTPUT that streams the screen view
- device acting as all the above, someone could control the PC as if they were sitting at the console; and send any traffic and control the PC they wish

In Linux, it's much easier to see the device ID(s) of the inserted device(s) (with the command lsusb). Usually in Windows, just the hard-coded name is displayed to the user. You have to browse the Device Manager for a new device then open its properties to locate it in Windows. It seems like this phoney code may take advantage of the fact that the manufacturer can have any name appear for the inserted device, while the computer actually installs/runs drivers based on the Hardware ID.

Posts: 15050

« Reply #2 on: October 06, 2014, 03:30:35 PM »

Its more than just a USB stick that can be a threat. The demo was a cell phone that while being connected for charging would act as a network interface and feed false web pages to the computer. The user thinks he is connected to his bank's web page and enters his username and password, which is now loaded into the cell phone's memory.

The key is not to let anyone connect their USB device to your computer.

Bob  AA4PB
Garrisonville, VA

Posts: 5557

« Reply #3 on: October 06, 2014, 04:33:37 PM »

From what I read last week this vulnarability cannot be patched and what it means is that IF your phone or USB key has a USB virus and you then plug that device it into any other USB device, the unit can pass on the virus.  The applications seem limitless, from key loggers to full blown shields down on your firewall.

All of our work systems had the CD/DVD roms removed years ago and now we our probably going to have to remove all front facing USB ports and somehow prevent the back ones from being used or tampered with.

My best short tern guess is that they are going to have to come up with some sort of USB hub that can intercept any malicious code before passing it to the main ports.  Long term is just waiting for replacement mobo's that dont have the problem.

“A lie can travel half way around the world while the truth is putting on its shoes.”  (Mark Twain)
Pages: [1]   Go Up
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!