Blog Post

USB’s security is fundamentally broken, researchers claim

German security researchers claim to have identified a serious vulnerability in the fundamental security of USB devices. The SR Labs team is preparing a presentation for Black Hat next week in which they will demonstrate the “BadUSB” reprogramming of the firmware in USB peripherals, such as thumb drives, keyboards and even mobile devices, to allow data theft and the hijacking and surveillance of computers to which those peripherals are attached. Karsten Nohl and Jakob Lell say there are no known defences against such malware, largely due to the way USB works, and possibly even no way to clean up after infection.

4 Responses to “USB’s security is fundamentally broken, researchers claim”

  1. keninca

    The problem isn’t with USB, it’s with how operating systems treat USB devices. They basically give the device any privileges it asks for, and that’s not the fault of the USB standard, its a flaw in the computer’s operating system.