Encryption or doing something with USB will not solve the problem. The flaw is with Plug-n-play and has been well known since its early days. The exposure is not a surprise. In the past, it was considered a non-problem mostly because USB was device specific (e.g. disks, mouse, keyboard, ...). Virus scanners now typically scan removable storage when it comes online (CDs, DVDs, USB memory sticks / disks). This eliminated the biggest risk with Plug-n-play because you typically knew the USB devices you plugged in.
USB (and probably FireWire too) has always supported multiple active devices on a single USB connection. What has changed is the introduction of smart devices. Most recognizable would be smart phones. These devices generally don't have virus scanners so the introduction of a virus is fairly simple. That virus could easily send a plug-n-play device request over USB for any supported plug-n-play device driver and use any of that device's features to invade your system. Hackers don't need to build any special plug-n-play device driver because most plug-n-play operating systems come with many drivers just on the off chance you might need them. For example, USB keyboard, mouse and secondary display drivers already exist. With these 3 devices, a hacker would have full control of your system and could do anything they want. I'm sure there must be other USB device drivers that a hacker can exploit.

Many parents would never let their kids on their computers just to avoid viruses. If their kids asked their parents to copy photos from their smart phones, they never think about the exposure and will simply connect it.

Jon Perryman.

On Monday, August 11, 2014 11:55 AM, CM Poncelet <[email protected]> wrote:
>
>I probably did miss the point. What I meant was, if it is about
>*protecting* USB sticks from being tampered with, this can be done by
>encrypting them so that a password must be entered before they can be
>accessed at all. Obviously this won't work if the malware is present
>before the USB is encrypted, or if the USB's firmware has itself been
>corrupted, or if a non-encrypted USB can be plugged in. Formatting it
>and then shredding its free space (e.g. via PGP or Symantec's Norton
>Utilities etc.), or erasing all its contents (via PGP), should get rid
>of any uploaded malware data - if the USB's firmware has not itself been
>corrupted. Perhaps I am still missing the point ...
>8-(
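
Added example, not part of the original message or thread: a defender-side check that compares the interface classes a USB device announces against what the user expected to plug in, which is the gap the message describes for a phone that also offers keyboard or mouse functions. The class codes are the USB-IF assigned values; the sample descriptors, the function names and the photo-copy policy are constructed assumptions.

```python
"""Compare the interfaces a USB device announces with what the user expects."""

# USB-IF base class codes (bInterfaceClass)
CLASS_NAMES = {0x03: "HID", 0x06: "still image (PTP)", 0x08: "mass storage",
               0x0E: "video", 0xFF: "vendor specific"}
# HID boot-interface protocols (valid when bInterfaceSubClass is 0x01)
BOOT_PROTOCOLS = {0x01: "keyboard", 0x02: "mouse"}


def describe(cls, sub, proto):
    """Human-readable name for one interface descriptor triple."""
    name = CLASS_NAMES.get(cls, f"class 0x{cls:02x}")
    if cls == 0x03 and sub == 0x01 and proto in BOOT_PROTOCOLS:
        name += " " + BOOT_PROTOCOLS[proto]
    return name


def unexpected_interfaces(interfaces, expected_classes):
    """Return descriptions of interfaces whose class the user did not expect.

    interfaces: iterable of (bInterfaceClass, bInterfaceSubClass,
    bInterfaceProtocol) tuples as read from the device's descriptors.
    A HID interface that does not declare a boot protocol is still input
    capable, so it is reported as plain "HID" rather than ignored.
    """
    return [describe(c, s, p) for c, s, p in interfaces
            if c not in expected_classes]


# Constructed sample descriptors (not captured from real hardware).
PHONE_OK = [(0x06, 0x01, 0x01)]                       # photo transfer only
PHONE_ODD = [(0x06, 0x01, 0x01), (0x03, 0x01, 0x01),  # + boot keyboard
             (0x03, 0x01, 0x02)]                      # + boot mouse
# Assumed policy for "copy photos from a phone": storage-type classes only.
PHOTO_COPY_POLICY = {0x06, 0x08}

if __name__ == "__main__":
    for label, dev in (("phone A", PHONE_OK), ("phone B", PHONE_ODD)):
        extra = unexpected_interfaces(dev, PHOTO_COPY_POLICY)
        print(label, "->", "ok" if not extra else "BLOCK: " + ", ".join(extra))
```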
