While trojans and email phishing still feature prominently in hacker toolkits, getting into a system IRL is one of the most effective methods a truly determined hacker can use. Using a USB firewall could be your best defence.
More than likely, your computer automatically trusts any USB device that’s plugged into it. Hackers can use malicious code that’s injected to the USB’s drivers that will compromise a system.
In the case of the Stuxnet virus that temporarily sabotaged Iran’s nuclear program, it was brought into Iran’s Natanz nuclear facility on a thumb drive by an Isreali double agent. Russia was able to break into a classified network by distributing virus-filled USB drives at retail kiosks around NATO headquarters in Kabul. Eventually, the right employee bought one and plugged it into the system that was completely unconnected to the internet.
Not everyone is running a classified server or a nuclear programme, so a USB firewall might be a bit of overkill for some. But who hasn’t bought a cheap thumb drive in a hurry. That thing could be loaded with bad programs that you’ll never notice and is feeding your personal info to outside party.
Enter Robert Fisk’s GitHub project, the “USG.” From Fisk’s description:
Antivirus scanners cannot detect BadUSB because there is no virus to detect. Malicious USB commands reach directly into your USB driver stack, exploiting your computer before file-based scanners realise anything happened.
You can protect yourself from BadUSB by using virtualised operating systems such as Qubes. But the USG is the only plug-and-play BadUSB protection that does not require you to switch operating systems. It can even protect your legacy and embedded systems running out-of-date software...
The USG contains two STM32F4 microprocessors communicating over a high-speed serial link. This internal link forms a firewall barrier that effectively blocks malicious USB commands from reaching your computer.
Why should you trust this device? You shouldn’t! Trust nothing. But while, Fisk is selling them for $60 (£49) a pop, the project is open source. You can know exactly what’s going on under the hood, and build it yourself. Or maybe there’s an IT guy at work that could help out. The project also comes recommended by Jamie Zawinski, a veteran programmer who has contributed to Mozilla, XEmacs, and early versions of the Netscape Navigator.
Whether it’s this project that catches on or an improved version of the same concept, USB firewalls are a thing that needs to happen. [JWZ]