1. Can every USB device and most of the chips in other hardware be reprogrammed
Question
1. Can every USB device and most of the chips in other hardware be reprogrammed like it works with the BadUSB hack to inject malware into the operating system?
2. For example, I bought a DVD burner to install operating systems on my notebook. Do the people working for the manufacturing firm have the skills and knowledge to rebuild the device or reflash the chip in a way that it can inject malware during the installation process?
They have the signatures, so in Ubuntu if one would check lsusb the device would still be recognised as a product of this manufacturer, if I imagine this right.
3. I read somewhere that, regarding the BadUSB hack, emulating a keyboard is the only possibility to take over the operating system because logically a USB device does not have the "skills" of a network card. But for example, if someone would rebuild a larger USB device like a keyboard or a DVD burner and put in a little extra chip, there should be more possibilities and attack vectors. How could one prevent such attacks? Monitoring network activity and blocking human interface devices?
Explanation / Answer
1) BadUSB works by reprogramming a USB device's firmware "in-band" (i.e. over the USB connection). Currently, only one particular model of USB controller chip is known to permit this. Devices that do not permit in-band firmware changes are not vulnerable to BadUSB.
3) No amount of firmware programming can make a device do something it doesn't have the hardware for. A USB thumb drive, for example, has neither antennas nor Ethernet jacks, and thus cannot be turned into a network card.
Putting extra chips in a device isn't a BadUSB attack. It is, however, the sort of thing a spy agency might do, and they're generally clever enough about it that you can't spot the modifications through simple means like checking for unexpected network interfaces.
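An added example, not part of the original answer: a Linux-side check for the keyboard-emulation case raised in the question. It reads each device's interface classes from sysfs instead of trusting the vendor and product IDs that lsusb shows, because those IDs are reported by the device itself. The allowlist entry and the sample devices are constructed, and the function names are this example's own.

```python
import glob
import os

HID, MASS_STORAGE = 0x03, 0x08  # USB-IF base class codes

def _read(path):
    with open(path) as fh:
        return fh.read().strip()

def read_sysfs(root="/sys/bus/usb/devices"):
    """Collect the interface classes each USB device exposes (Linux sysfs)."""
    devices = {}
    for iface in glob.glob(os.path.join(root, "*:*")):   # interface dirs, e.g. 1-2:1.0
        name = os.path.basename(iface).split(":")[0]      # parent device, e.g. 1-2
        parent = os.path.join(root, name)
        try:
            cls = int(_read(os.path.join(iface, "bInterfaceClass")), 16)
            dev_id = (_read(os.path.join(parent, "idVendor")) + ":"
                      + _read(os.path.join(parent, "idProduct")))
        except (OSError, ValueError):
            continue  # root-hub interfaces and unreadable entries are skipped
        devices.setdefault(name, {"id": dev_id, "classes": set()})["classes"].add(cls)
    return devices

def audit(devices, hid_allowlist):
    """Return (device, id, reason) for each HID-capable device worth reviewing."""
    findings = []
    for name, dev in sorted(devices.items()):
        if HID not in dev["classes"]:
            continue
        if MASS_STORAGE in dev["classes"]:
            findings.append((name, dev["id"], "storage device also exposes a HID interface"))
        elif dev["id"] not in hid_allowlist:
            findings.append((name, dev["id"], "HID interface on a device not in the allowlist"))
    return findings

# Constructed sample data (not captured from real hardware).
SAMPLE = {
    "1-1": {"id": "1111:0001", "classes": {HID}},                # the expected keyboard
    "1-2": {"id": "2222:0002", "classes": {MASS_STORAGE}},        # plain thumb drive
    "1-3": {"id": "2222:0002", "classes": {MASS_STORAGE, HID}},   # same IDs, extra HID interface
    "1-4": {"id": "3333:0003", "classes": {HID}},                # HID device nobody registered
}

if __name__ == "__main__":
    # Falls back to the constructed sample when no sysfs USB tree is readable.
    for finding in audit(read_sysfs() or SAMPLE, {"1111:0001"}):
        print(*finding, sep="  ")
```

An ID allowlist only catches devices that were never registered; the combined storage-plus-HID finding is the one that does not depend on what the device claims to be.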