The crux of the problem is that any USB device, if so reprogrammed by a
hostile party, can suddenly start acting like a different USB device
class than it appears to be, and taking actions hostile to the
administrator.
But you can also put the Raspberry Pi Zero into gadget mode and it can be plugged in and be a
HID device. (Maybe next Pi meeting someone would like to try) Though the Zero is small it is
not small enough to fool anyone.
I believe I've seen a few stabs at a hardware
countermeasure like a dongle you interpose between your computer's USB
port and an outboard device. You set a control on the dongle to permit,
say, only USB HID-class (human interface device, such as keyboard and
mouse) operations. If the device attempts to suddenly say to the host
computer 'OK, I'm actually a mountable mass storage device', the dongle
intercepts that USB instruction and doesn't allow it through. Likewise
if it's supposed to be a scanner, just a USB cable, etc., but upon
connection it says to the host computer 'Actually, I'm an HID-class
device.' But I cannot remember where I saw that implemented, or
(actually) if I merely saw the idea discussed but not yet implemented.
Like a USB condom. But internet search brings up dongles that protect when plugging
But I have seen some USB devices that are also flash drives (with the needed Windows
drivers.) There are also some keyboards with integrated touchpads and so would present as
two HIDs.
The Raspberry Pi Zero supposedly can be two gadgets at once.
Then there is the possibility of real maliciousness: USBkiller
I have just been thinking about power on USB because I have a small HDMI display with
5V input. And I thought to solder a USB cable instead. (Most of the time the display can get
enough juice from the HDMI) So I was looking at the spec to see if I would need to do
anything with the data lines of the cable. Then I thought USBkiller and of course someone
has already done it.
Btw I don't need to do anything with the data lines for display power. It is on the power
Thomas
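
The class-filtering idea discussed in this message (let through only the device classes the user selected, refuse a device that announces anything else), sketched as an added example that is not part of the original message: it parses a USB configuration descriptor and checks every interface's class against an allowlist. The descriptor bytes are constructed samples and the function names are hypothetical.

```python
import struct

# Class codes from the USB-IF defined class list
CLASS_HID = 0x03
CLASS_MASS_STORAGE = 0x08
DT_INTERFACE = 0x04  # bDescriptorType of an interface descriptor

def interface_classes(config):
    """Return bInterfaceClass of every interface descriptor in a config blob."""
    classes, i = [], 0
    while i < len(config):
        if i + 2 > len(config):
            raise ValueError("truncated descriptor header")
        length, dtype = config[i], config[i + 1]
        if length < 2 or i + length > len(config):
            raise ValueError("descriptor length out of bounds")
        if dtype == DT_INTERFACE:
            if length < 9:
                raise ValueError("short interface descriptor")
            classes.append(config[i + 5])  # bInterfaceClass is at offset 5
        i += length
    return classes

def permitted(config, allowed):
    """True only if every interface is in the allowlist; fail closed on errors."""
    try:
        classes = interface_classes(config)
    except ValueError:
        return False
    return bool(classes) and all(c in allowed for c in classes)

def build_config(*ifaces):
    """Constructed sample data: config descriptor followed by interface descriptors."""
    body = b"".join(bytes([9, DT_INTERFACE, n, 0, 0, cls, sub, proto, 0])
                    for n, (cls, sub, proto) in enumerate(ifaces))
    head = bytes([9, 0x02]) + struct.pack("<H", 9 + len(body))
    return head + bytes([len(ifaces), 1, 0, 0x80, 50]) + body

KEYBOARD = build_config((CLASS_HID, 1, 1))
KEYBOARD_TOUCHPAD = build_config((CLASS_HID, 1, 1), (CLASS_HID, 1, 2))
HID_PLUS_STORAGE = build_config((CLASS_HID, 1, 1), (CLASS_MASS_STORAGE, 6, 0x50))

if __name__ == "__main__":
    for name in ("KEYBOARD", "KEYBOARD_TOUCHPAD", "HID_PLUS_STORAGE"):
        print(name, permitted(globals()[name], {CLASS_HID}))
```

A filter like this has to re-run the check on every enumeration, since the concern in the thread is a device that changes what it announces after it is connected.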