Jump to content

For True Cyber Security, Using a USB Firewall Is Essential


steven36

Recommended Posts

While trojans and email phishing still feature prominently in hacker toolkits, getting into a system IRL is one of the most effective methods a truly determined hacker can use. Using a USB firewall could be your best defense.

 

original-ab316a83972ecf6af1444792cecce28

 

More than likely, your computer automatically trusts any USB device that’s plugged into it. Hackers can use malicious code that’s injected to the USB’s drivers that will compromise a system.

 
 

In the case of the Stuxnet virus that temporarily sabotaged Iran’s nuclear program, it was brought into Iran’s Natanz nuclear facility on a thumb drive by an Isreali double agent. Russia was able to break into a classified network by distributing virus-filled USB drives at retail kiosks around NATO headquarters in Kabul. Eventually, the right employee bought one and plugged it into the system that was completely unconnected to the internet.

 

Not everyone is running a classified server or a nuclear program, so a USB firewall might be a bit of overkill for some. But who hasn’t bought a cheap thumb drive in a hurry. That thing could be loaded with bad programs that you’ll never notice and is feeding your personal info to outside party.

 

Enter Robert Fisk’s GitHub project, the “USG.” From Fisk’s description:

 

Quote

 

Antivirus scanners cannot detect BadUSB because there is no virus to detect. Malicious USB commands reach directly into your USB driver stack, exploiting your computer before file-based scanners realise anything happened.

 

You can protect yourself from BadUSB by using virtualised operating systems such as Qubes. But the USG is the only plug-and-play BadUSB protection that does not require you to switch operating systems. It can even protect your legacy and embedded systems running out-of-date software...

 

The USG contains two STM32F4 microprocessors communicating over a high-speed serial link. This internal link forms a firewall barrier that effectively blocks malicious USB commands from reaching your computer.

 

 

Why should you trust this device? You shouldn’t! Trust nothing. But while, Fisk is selling them for 60 bucks a pop, the project is open source. You can know exactly what’s going on under the hood, and build it yourself. Or maybe there’s an IT guy at work that could help out. The project also comes recommended by Jamie Zawinski, a veteran programmer who has contributed to MozillaXEmacs, and early versions of the Netscape Navigator.

 

 

Whether it’s this project that catches on or an improved version of the same concept, USB firewalls are a thing that needs to happen.

[JWZ]

 

By Rhett Jones

http://gizmodo.com/for-true-cyber-security-using-a-usb-firewall-is-essent-1792986118

 

Link to comment
Share on other sites


  • Replies 1
  • Views 1k
  • Created
  • Last Reply

Years ago I bought some devices that were a Kickstarter project called 'USB Condoms'.  These devices hooked up between your computer and the usb device and blocked data transfers.  You can read a little more about them at http://int3.cc/products/usbcondoms.  Now they are sold under the name SyncStop, are a more polished device,  and you can read about it at http://syncstop.com/.

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...