USB 'critically flawed' after bug discovery

USB 'critically flawed' after bug discovery


Cyber-security experts have dramatically called into question the safety and security of using USB to connect devices to computers.

Berlin-based researchers Karsten Nohl and Jakob Lell demonstrated how any USB device could be used to infect a computer without the user's knowledge.

The duo said there is no practical way to defend against the vulnerability.

The body responsible for the USB standard said manufacturers could build in extra security.

SOURCE

But Mr Nohl and Mr Lell said the technology was "critically flawed".

It is not uncommon for USB sticks to be used as a way of getting viruses and other malicious code onto target computers.

Most famously, the Stuxnet attack on Iranian nuclear centrifuges was believed to have been caused by an infected USB stick.

However, this latest research demonstrated a new level of threat - where a USB device that appears completely empty can still contain malware, even when formatted.

The vulnerability can be used to hide attacks in any kind of USB-connected device - such as a smartphone.

"It may not be the end of the world today," Mr Nohl told journalists, "but it will affect us, a little bit, every day, for the next 10 years".

'Chip' exploited

USB - which stands for Universal Serial Bus - has become the standard method of connecting devices to computers due to its small size, speed and ability to charge devices.

USB memory sticks quickly replaced floppy disks as a simple way to share large files between two computers.

The connector is popular due to the fact that it makes it easy to plug in and install a wide variety of devices. Devices that use USB contain a small chip that "tells" the computer exactly what it is, be it a phone, tablet or any other piece of hardware.


Our Offer


Website Development Software Development Server & Networking Digital Marketing