Posted on 05/14/2015 5:42:34 PM PDT by 9thLife
Quick! The bad guy/super villain has left the room! Plug in a mysterious device that'll hack up their computer while an on-screen progress bar ticks forward to convey to the audience that things are working!
It's a classic scene from basically every spy movie in history. In this case, however, that mystery device is real.
Samy Kamkar (developer of projects like that massive worm that conquered MySpace back in 2006, or SkyJack, the drone that hijacks other drones) has released a video demonstrating the abilities of a particularly ridiculous necklace he sometimes wears around.
Called USBdriveby, it's a USB-powered microcontroller-on-a-chain, rigged to exploit the inherently awful security flaws lurking in your computer's USB ports. In about 60 seconds, it can pull off a laundry list of nasty tricks:
It starts by pretending to be a keyboard/mouse.
If you have a network monitor app like Little Snitch running, it uses a series of keystrokes to tell Little Snitch that everything is okay and to silence all warnings.
It disables OS X's built-in firewall.
It pops into your DNS settings and tweaks them to something under the hacker's control, allowing them to replace pretty much any website you try to visit with one of their own creation.
It opens up a backdoor, then establishes an outbound connection to a remote server which can send remote commands. Since the connection is outbound, it eliminates the need to tinker with the user's router port forwarding settings.
It closes any windows and settings screens it opened up, sweeping up its footprints as it heads for the door.
So in 30-60 seconds, this device hijacks your machine, disables many layers of security, cleans up the mess it makes, and opens a connection for remote manipulation even after the device has been removed. That's kind of terrifying.
While the video above focuses on OS X, the methods tapped here aren't exclusive to Apple's platform. Kamkar says everything shown so far is easily extendable to Windows or *nix.
So what can you do to protect yourself from things like this? Not a whole lot, really; that's why attacks like this and BadUSB are so freaky. A lot of these flaws are inherent to the way the USB protocol was designed and implemented across so many hundreds of millions of computers; short of filling your USB ports with cement or never,
And where can I get one of these?
NSA surplus store.
My USB ports are protected by one of these.
usb port blocker
I think he shows you how to build it.
wow, that is scary. so simple, yet so effective
So when the day comes that they want to shut down all computers......They just send the command. ;-)
The line between paranoia and sound reasoning is getting mighty thin lately.
We’ve had a thread on this threat before. . . but this one has a great video on how it is done. . . worth watching.
But yours has ammo in the magazine right.....:o)
It do, it do, but the magazine isn’t in the well, and the cap is on the magazine.
But my German Shepherd will fend off any suspect USB devices long enough for me to get my weapon system online!
If so, pay attention to who is allowed access to your machine!
Jesus Christ: You can't impeach Him and He ain't gonna resign.
How might a computer determine that a USBdriveby is not just a new keyboard or mouse? Some sort of hardware authentication?
Posilutely, absotively correctomundo. . . and it will work just as well on a Windows or Linux box with a USB port because the vulnerability is in the USB standard. It's why Apple went with the new USB-C ports. Those don't have that vulnerability.
From my understanding, it cannot. They'd have to change the USB standard completely. . . or put USB into a sandbox on the system. That is probably the only viable solution.
Each USB device has a unique hardware ID. It is a sequence of two 32-bit hex numbers: something like 0FEF:A7E8.
(Tip: it looks like a 32-bit segmented memory address! Run for the hills!)
The first word is the manufacturer ID. They are unique, up to 2^32 manufacturers can be listed (~4.2 billion).
The second word is a unique number assigned to the specific device. As such, each manufacturer can have up to 2^32 different devices.
Note that this is listed BEFORE the device even tells the computer what USB device class it is (HID, in this case—human interface devices, which encompass keyboards and mice)—one could theoretically block devices coming from a particular manufacturer.
(Tip: The manufacturer ID used in the example actually refers to a real business concern; they don’t really have any devices to speak of...)
Which means that there are up to 65536 manufacturers, with 65536 devices each.
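An added example, not part of the thread: a host-side policy that applies the vendor:product idea from the posts above to devices announcing the HID class. The event line format, the allowlist entries and the function names are assumptions made for this sketch; the ID is reported by the device itself, so the policy also asks for confirmation when a second input device appears.

```python
import re

HID = 0x03  # USB interface class code for human interface devices
LINE = re.compile(
    r"^(add|remove) ([0-9A-Fa-f]{4}):([0-9A-Fa-f]{4}) ((?:[0-9A-Fa-f]{2},?)+)$")

# Constructed allowlist: input devices this machine is expected to see.
ALLOWED_HID = {(0x1111, 0x0001), (0x1111, 0x0002)}

def parse(line):
    """'add 0FEF:A7E8 03,08' -> (action, (vendor, product), {interface classes})."""
    m = LINE.match(line.strip())
    if not m:
        raise ValueError("malformed event: %r" % line)
    ident = (int(m.group(2), 16), int(m.group(3), 16))
    classes = {int(c, 16) for c in m.group(4).split(",") if c}
    return m.group(1), ident, classes

def decide(lines, allowed=ALLOWED_HID):
    """Return one verdict per 'add' event: allow, block or confirm."""
    attached_hid = []  # allowlisted input devices currently plugged in
    verdicts = []
    for line in lines:
        action, ident, classes = parse(line)
        if action == "remove":
            if ident in attached_hid:
                attached_hid.remove(ident)
            continue
        if HID not in classes:
            verdicts.append("allow")    # not an input device; out of scope here
        elif ident not in allowed:
            verdicts.append("block")    # unknown ID claiming to be an input device
        elif attached_hid:
            # The ID is self-reported, so a match alone proves nothing:
            # a second input device needs a person to confirm it.
            verdicts.append("confirm")
        else:
            verdicts.append("allow")
            attached_hid.append(ident)
    return verdicts

# Constructed event stream: action, vendor:product, interface classes.
SAMPLE = [
    "add 1111:0001 03",     # the desk keyboard
    "add 2222:0010 08",     # a mass-storage stick
    "add 0FEF:A7E8 03",     # the ID quoted in the thread, not on the allowlist
    "add 1111:0002 03",     # allowlisted ID, but a keyboard is already attached
    "remove 1111:0001 03",
    "add 1111:0002 03",     # same device once the first keyboard is gone
]
```
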
I could see his POTUSness usurping this motto.