We all use devices USB in our digital lives. New research first published by Wired reveals that there is a fundamental security flaw in the way the Universal Serial Bus works, and it could be exploited to take down anyone computer.
Wired reports that security researchers Karsten Nohl and Jakob Lell have been able to reverse engineer the firmware that controls USB's core communications capabilities. Then they also wrote a malware called BadUSB, This malware can be "installed on a USB device and take full control of a computer. The malware is invisible and does not modify the files on the memory stick.
Embedded inside USB devices is a controller chip, which allows the device and the connected computer to send and λήψη πληροφοριών. Εκεί ακριβώς ήταν η επέμβαση από τον Nohl και τον Lell. Αυτό σημαίνει ότι το κακόβουλο software them doesn't sit on μνήμη flash, but it's hidden in the firmware, which makes it undetectable by everyone, even the most tech-savvy. Lell reported to Wired:
You can give it to security researchers, detect it, delete some or all of the files, and give it back to you saying it 'clean'. The hack cannot be repaired. "
The worrying fact, of course, is that researchers will present the hack at the upcoming Black Hat security conference in Las Vegas. As the researchers say, the flaw can be exploited on any portable disk, mice, keyboards and even Android smartphones. (Theoretically, it could work on any USB device that its firmware can be reprogrammed).
