Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 02 Oct 2014, 09:14
All times are UTC - 4
 Forum index » Off-Topic Area » Security
BadUSB thumbdrive hacks computers.
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
Sky Aisling


Joined: 27 Jun 2009
Posts: 908
Location: Port Townsend, WA. USA

PostPosted: Thu 31 Jul 2014, 19:37    Post_subject:  BadUSB thumbdrive hacks computers.
Sub_title: Researchers devise stealthy attack that reprograms USB device firmware.
 

Quote:
When creators of the state-sponsored Stuxnet worm used a USB stick to infect air-gapped computers inside Iran's heavily fortified Natanz nuclear facility, trust in the ubiquitous storage medium suffered a devastating blow. Now, white-hat hackers have devised a feat even more seminal—an exploit that transforms keyboards, Web cams, and other types of USB-connected devices into highly programmable attack platforms that can't be detected by today's defenses.

Dubbed BadUSB, the hack reprograms embedded firmware to give USB devices new, covert capabilities. In a demonstration scheduled at next week's Black Hat security conference in Las Vegas, a USB drive, for instance, will take on the ability to act as a keyboard that surreptitiously types malicious commands into attached computers. A different drive will similarly be reprogrammed to act as a network card that causes connected computers to connect to malicious sites impersonating Google, Facebook or other trusted destinations. The presenters will demonstrate similar hacks that work against Android phones when attached to targeted computers. They say their technique will work on Web cams, keyboards, and most other types of USB-enabled devices.
...


http://arstechnica.com/security/2014/07/this-thumbdrive-hacks-computers-badusb-exploit-makes-devices-turn-evil/
Back to top
View user's profile Send_private_message 
stray_dog

Joined: 18 Mar 2014
Posts: 39

PostPosted: Fri 01 Aug 2014, 18:27    Post_subject:  

Yea, Wired posted an article about this too, here: http://www.wired.com/2014/07/usb-security/ ... it caught my attention because I do like to use a usb Puppy, it's so much smaller than a cd. The comments section seems to have some interesting points - don't know enough about it to know what's what, though. I guess we'll have to see how it all works out & what can be demonstrated.
Back to top
View user's profile Send_private_message 
grump


Joined: 10 Oct 2011
Posts: 103
Location: Melbourne, Oz

PostPosted: Fri 01 Aug 2014, 20:20    Post_subject:  

How does one reprogram firmware? I know I can get 'firmware updates' for devices like my DSLR camera and wireless modem, but I would think that they would be specially designed that way ie some circuitry and a small EPROM to control the circuitry. I imagine that a simple USB stick would have the 'software' hard coded ie in ROM. Please explain.
Back to top
View user's profile Send_private_message 
starhawk

Joined: 22 Nov 2010
Posts: 2879
Location: Everybody knows this is nowhere...

PostPosted: Fri 01 Aug 2014, 21:01    Post_subject:  

ROM != hard wired. (I think that's what you meant by "hard coded".) Hard wired = circuitry fixed in such a way that it doesn't /need/ ROM.

ROM has firmware in it. Firmware = software-on-a-chip. Most ROMs can be written to. You erase the ROM, and then you rewrite it all. (When you erase a ROM chip, you erase the whole chip.)

Flash "ROM" != ROM. Flash memory is actually NVRAM (Non-Volatile RAM, i.e. RAM that doesn't get amnesia at power loss). Flash is an altogether different creature that can be erased and rewritten in parts -- you erase a "block" and rewrite it, sorta like on a hard drive BUT it's not got little spinny bits in it Wink

There is a thing called a Mask ROM or Masked ROM. This is one member of a family of ROMs called "OTP" ROMs (OTP = One Time Programmable) -- it is programmed as it is made in the factory, and it is internally hard-wired so that it cannot be reprogrammed. OTP ROMs are all non-reprogrammable, hence the name.

When you get a firmware update, it comes as a program that loads into RAM, wipes the ROM chip, and then rewrites the ROM chip -- the WHOLE chip for both write and erase.

EPROMs are old as dust, BTW, everyone uses EEPROMs now. No need for the higher voltage requirements of old.

A USB flash drive has a microcontroller in it, that handles communication and storage/allocation type stuff. Look up the 8051 (aka MCS-51) if you want to read about one of the most well-known and well-used microcontrollers -- it's *still* in use, twenty-odd years later, and it's about as rare as sand on a beach. More modern microcontrollers (such as the PIC series by Microchip Tech, and the Atmel ATMega of Arduino fame) have RAM and ROM built in. The ROM is by design reprogrammable in most microcontrollers (to be fair, I have a digitally controlled ceramic heater --or the remains thereof-- with an OTP microcontroller in it). The USB drive almost certainly uses DFU (Device Firmware Update), a mode built into USB for this specific purpose. (Don't bother Wiki-ing that one, the page has two sentences and two links.)

Hope I've been helpful Smile

_________________
Loving X-Slacko 2.1!
Custom Build: HP MOCA-AR + Core2Duo T7200 + 4gb RAM + 256gb SSD
...just needs a pretty case Wink
Back to top
View user's profile Send_private_message 
grump


Joined: 10 Oct 2011
Posts: 103
Location: Melbourne, Oz

PostPosted: Sat 02 Aug 2014, 07:19    Post_subject:  

Thanks for that explanation.
Back to top
View user's profile Send_private_message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11083
Location: Arizona USA

PostPosted: Fri 15 Aug 2014, 16:20    Post_subject:  

Most USB thumb drives can be reprogrammed to silently infect computers
Quote:
...a malware program can replace the firmware on a USB device like a thumb drive by using secret SCSI (Small Computer System Interface) commands and make it act like some other type of device, for example, a keyboard...

...One of the attacks involves a USB stick that acts as three separate devices—two thumb drives and a keyboard. When the device is first plugged into a computer and is detected by the OS, it acts as a regular storage device. However, when the computer is restarted and the device detects that it’s talking to the BIOS, it switches on the hidden storage device and also emulates the keyboard...

...For the purpose of exchanging files with other people an SD (Secure Digital) memory card would be a safer choice than a USB thumb drive

Hmm, it's news to me that SD cards actually have some kind of security baked in. I always assumed the "write protect" switch was the security.

So USB flash memory controller manufacturers got together and added some secret commands to the SCSI command set. Nice. Twisted Evil

I found this by googling USB flash controller firmware. I didn't see anything about secret commands that get into the controller or change the firmware though.
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Off-Topic Area » Security
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0621s ][ Queries: 12 (0.0040s) ][ GZIP on ]