Researcher Details USB-Based Attack That Circumvents All Known Protective Security Measures
Security research Karsten Nohl of Berlin's SR Labs has revealed a flaw in USB devices that potentially allows hackers to evade all known security measures used by a computer. In a report by Wired, Nohl says his BadUSB exploit is "almost like a magic trick" because "you cannot tell where the virus came from."
The exploit takes advantage of a flaw that allows a hacker to tamper with the firmware that controls the functions of USB devices such as mice, thumb drives and keyboards.
Because BadUSB resides not in the flash memory storage of USB devices, but in the firmware that controls their basic functions, the attack code can remain hidden long after the contents of the device’s memory would appear to the average user to be deleted. And the two researchers say there’s no easy fix: The kind of compromise they’re demonstrating is nearly impossible to counter without banning the sharing of USB devices or filling your port with superglue.
“These problems can’t be patched,” says Nohl, who will join Lell in presenting the research at the Black Hat security conference in Las Vegas. “We’re exploiting the very way that USB is designed.”
Nohl, along with fellow SR Labs researcher Jakob Lell, will present additional details on this attack during a presentation at the annual Black Hat hacking conference, which will be held next week in Las Vegas. The title of his presentation is "Bad USB - On Accessories that Turn Evil."
Popular Stories
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for more than five more months, there are already plenty of rumors about the devices.
It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component...
Apple's CarPlay system for accessing iPhone apps on a vehicle's dashboard screen received three popular apps this week: ChatGPT, Google Meet, and Audiomack.
CarPlay Ultra in an Aston Martin
In addition, WhatsApp is beta testing a revamped CarPlay app that will improve upon the basic Siri-based functionality that was previously available.
Make sure you have the latest version of each app...
We're long overdue for an Apple TV update, and there have been rumors about an imminent refresh since late last year. It's now sounding like we're not going to get a new version for several months because of Siri delays. If you're holding out for a new model, here's a recap on what to expect when it eventually comes out so you can decide whether to continue to wait, or buy now.
Design
Apple ...
Popular Stories
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for more than five more months, there are already plenty of rumors about the devices.
It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component...
Apple's CarPlay system for accessing iPhone apps on a vehicle's dashboard screen received three popular apps this week: ChatGPT, Google Meet, and Audiomack.
CarPlay Ultra in an Aston Martin
In addition, WhatsApp is beta testing a revamped CarPlay app that will improve upon the basic Siri-based functionality that was previously available.
Make sure you have the latest version of each app...
We're long overdue for an Apple TV update, and there have been rumors about an imminent refresh since late last year. It's now sounding like we're not going to get a new version for several months because of Siri delays. If you're holding out for a new model, here's a recap on what to expect when it eventually comes out so you can decide whether to continue to wait, or buy now.
Design
Apple ...
