Re: Find something in the street and plug it in.
- To: berkeleylug@googlegroups.com
- Subject: Re: Find something in the street and plug it in.
- From: Rick Moen <rick@linuxmafia.com>
- Date: Mon, 7 Oct 2019 19:39:32 -0700

I wrote:

> Web search for 'evil maid attack' for reasons why you should probably
> think once, think twice, think three times before plugging an unknown USB
> device into any computer you care about. Or start here:
> https://en.wikipedia.org/wiki/Evil_maid_attack
> https://en.wikipedia.org/wiki/Juice_jacking#Mitigation

On closer examination, the first of those two links doesn't appear to
really address the USB part of this problem at all, and I'm not sure
offhand what's a better link about the general USB problem, though Qubes
OS's page is one starting point:

https://www.qubes-os.org/doc/anti-evil-maid/

And the 'BadUSB' pages:

https://opensource.srlabs.de/projects/badusb (see link 'Introductory
blog post' in particular)

The crux of the problem is that any USB device, if so reprogrammed by a
hostile party, can suddenly start acting like a different USB device
class than it appears to be, and taking actions hostile to the
administrator. I believe I've seen a few stabs at a hardware
countermeasure like a dongle you interpose between your computer's USB
port and an outboard device. You set a control on the dongle to permit,
say, only USB HID-class (human interface device, such as keyboard and
mouse) operations. If the device attempts to suddenly say to the host
computer 'OK, I'm actually a mountable mass storage device', the dongle
intercepts that USB instruction and doesn't allow it through. Likewise
if it's supposed to be a scanner, just a USB cable, etc., but upon
connection it says to the host computer 'Actually, I'm an HID-class
device.' But I cannot remember where I saw that implemented, or
(actually) if I merely saw the idea discussed but not yet implemented.

To keep informed on these sorts of things, I recommend following Brian
Krebs's 'Krebs on Security' and Bruce Schneier's blog.
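
Added example (not part of the original message, and not any product's code): the class-allowlist idea discussed above, as a Python check over the interface descriptors a USB device presents at enumeration. The function names and both descriptor byte strings are constructed for illustration; a real filter would repeat the check every time the device re-enumerates.

```python
# Added example: allowlist check over a USB configuration descriptor.
# Both sample descriptors below are constructed, not captured from real devices.
USB_DT_INTERFACE = 0x04            # bDescriptorType of an interface descriptor
HID, MASS_STORAGE = 0x03, 0x08     # bInterfaceClass codes from the USB spec


def interface_classes(config: bytes) -> list[tuple[int, int]]:
    """Walk the descriptor chain; return (bInterfaceNumber, bInterfaceClass)."""
    found, offset = [], 0
    while offset < len(config):
        length = config[offset]
        # Every descriptor starts with bLength, bDescriptorType; reject
        # lengths that cannot be valid or that run past the buffer.
        if length < 2 or offset + length > len(config):
            raise ValueError(f"malformed descriptor at offset {offset}")
        if config[offset + 1] == USB_DT_INTERFACE:
            if length < 9:
                raise ValueError(f"short interface descriptor at {offset}")
            found.append((config[offset + 2], config[offset + 5]))
        offset += length
    return found


def violations(config: bytes, allowed: set[int]) -> list[tuple[int, int]]:
    """Interfaces whose class is outside the allowlist; empty means permit."""
    return [(n, c) for n, c in interface_classes(config) if c not in allowed]


# Constructed: an ordinary keyboard (one HID interface).
KEYBOARD = bytes([
    9, 2, 34, 0, 1, 1, 0, 0xA0, 50,           # configuration, 34 bytes total
    9, 4, 0, 0, 1, HID, 1, 1, 0,              # interface 0: HID boot keyboard
    9, 0x21, 0x11, 0x01, 0, 1, 0x22, 63, 0,   # HID class descriptor
    7, 5, 0x81, 3, 8, 0, 10,                  # interrupt IN endpoint
])

# Constructed: a "flash drive" that also declares a HID interface.
STORAGE_PLUS_HID = bytes([
    9, 2, 57, 0, 2, 1, 0, 0x80, 50,           # configuration, 57 bytes total
    9, 4, 0, 0, 2, MASS_STORAGE, 6, 0x50, 0,  # interface 0: bulk-only storage
    7, 5, 0x81, 2, 0, 2, 0,                   # bulk IN endpoint
    7, 5, 0x02, 2, 0, 2, 0,                   # bulk OUT endpoint
    9, 4, 1, 0, 1, HID, 1, 1, 0,              # interface 1: HID keyboard
    9, 0x21, 0x11, 0x01, 0, 1, 0x22, 63, 0,   # HID class descriptor
    7, 5, 0x83, 3, 8, 0, 10,                  # interrupt IN endpoint
])

if __name__ == "__main__":
    print(violations(KEYBOARD, {HID}))                   # permitted as HID
    print(violations(STORAGE_PLUS_HID, {MASS_STORAGE}))  # extra HID interface
```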