Author Topic: Is USB Doomed? New Firmware Exploit Cannot be Fixed  (Read 3343 times)

forget
i dont get it though, how could my brand new usb that only I have used be infected with a virus? someone explain2me pls

forget
i dont get it though, how could my brand new usb that only I have used be infected with a virus? someone explain2me pls
It isn't.

Oh my god, its an exploit, not literally a virus. Its the fact that this exploit can be used to transmit undetectable viruses that causes alarm. In fact, I don't think you can actually get the virus without plugging in an infected USB.

So basically don't donwload USB of hte internet :^)

oh

so im not worried at all
but making sure, asking again: say i plug in a brand new ipod usb charger into my laptop
would that have the 'exploit' or only if it was plugged into an infected computer first?

>tfw using linux/mac
the article didn't even say anything about windows, or operating systems at all. Mac and linux use USB too.

>tfw using linux/mac

Protip: firmware doesnt mean jack stuff to OS

why worry about something that doesnt even exist?
every article is absolutely blowing this out of proportions. yes everyone is aware that usb exploits exist. its been done before. nobody is worried beacause they are easily blocked and patched.

we are not given any insight on this "badusb" thing whatever it is. we dont know who this Noel and Clapper guys are. googling it brings nothing but the same set of articles talking about how we are all dead. no proof of the malware existing, nothing is explained about the exploit and we dont have a clue who these people are or what they do apart from being bad ass elite hackers with a fedora.

you want a hack tool? go and purchase yourself one of them "rubber ducky usb" tools and youve got yourself an auto booting usb virus. plug it in and it executes anything you program for it. it acts as a keyboard. exactly what this "badusb" thing is being described as

besides its not a malware that infects your usb. you purchase a usb that is already infected from manufacturing and when plugged into pcs it transports itself over infecting it. dont purchase flash drivers from a cheap chinese man in a dark alleyway

Quote
Speaking at Derbycon in Louisville, Kentucky last week, Adam Caudill and Brandon Wilson showed the revealed code, and have now posted it on GitHub.
I sure do hope somebody punches these idiots.

But the solution here is the same as it is with any other form of malware: Don't download it.

but making sure, asking again: say i plug in a brand new ipod usb charger into my laptop
A charger has no capacity for storage.


I was expecting furling to make this after seeing the title

besides its not a malware that infects your usb. you purchase a usb that is already infected from manufacturing and when plugged into pcs it transports itself over infecting it. dont purchase flash drivers from a cheap chinese man in a dark alleyway
Basically this. The only people that would be directly effected by this are mainly companies with poor security policies, and people who are really, really handicapped.

we are not given any insight on this "badusb" thing whatever it is. we dont know who this Noel and Clapper guys are. googling it brings nothing but the same set of articles talking about how we are all dead. no proof of the malware existing, nothing is explained about the exploit and we dont have a clue who these people are or what they do apart from being bad ass elite hackers with a fedora.
There's a link to a github page which explains everything and includes source code for the malware and how to use it. I'm guessing you didn't actually read the whole article..? lol.

There's a link to a github page which explains everything and includes source code for the malware and how to use it. I'm guessing you didn't actually read the whole article..? lol.
i did but because the first 3 links were just irrelevant when i saw the "on github" part i assumed it was going to link me to the github site itself and not the page that contains the code. oh well

There's a link to a github page which explains everything and includes source code for the malware and how to use it. I'm guessing you didn't actually read the whole article..? lol.

It isn't malware, it's the code for the firmware exploit.

he's a loving idiot for releasing it