• Cryptocurrency
  • Earnings
  • Enterprise
  • About TechBooky
  • Submit Article
  • Advertise Here
  • Contact Us
TechBooky
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
TechBooky
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Home Research/How to do it

Why the Security of USB Is Fundamentally Broken

Paul Balo by Paul Balo
July 31, 2014
in Research/How to do it, Security
Share on FacebookShare on Twitter

Sharing USB drives pose a notable risk for malware infection that persists despite antivirus scans and occasional reformatting. This is attributed not just to the files a device might carry, but the very design and operational architecture of USB technology.

Security researchers Karsten Nohl and Jakob Lell provided alarming evidence to this effect, revealing the inherent flaws in USB security through their study. They introduced a proof-of-concept malware, BadUSB, that once housed in a USB device, could compromise PCs, subtly alter files, or tamper with internet traffic. Uniquely, this malware resides not in the device’s storage, but in the firmware that governs essential functions and can endure even when it appears that all data has been removed. Nohl and Lell warn that prevention of such a breach is almost impossible without strictly avoiding USB sharing or physically barricading the ports.

The implications of this problem are profound as they cannot be patched. USB design is being exploited in this process, making it necessary to consider USBs as compromised and disposable on interfacing with an unsecure computer.

Nohl and Lell’s research highlights the core issue: the firmware found in all USBs can harbour malicious code. This vulnerability is not restricted just to thumb drives but spans all devices using USB technology, from keyboards to smartphones.

Maintaining the integrity of USB firmware is a tough task due to the lack of ‘code-signing’ measures which validate incoming code as original from the device’s manufacturer. Without such measures and without true firmware for comparison, USB security becomes a challenge.

Nohl and Lell’s studies made it clear that secure usage of USB devices is a far-stretched ideal. To Nohl’s mind, the only practical solution is a paradigm shift in USB usage – avoiding connecting USBs to unknown or insecure computers and not introducing unfamiliar USB devices into your own system – thus undermining the essential utility of these versatile, omnipresent devices.

Recognizing this threat is the first step. The next step is to actualize this new security model, which would necessitate convincing device manufacturers of its urgency. If not, Nohl suggests treating USB devices with extreme caution – rendering them unshareable and reversing their innate convenience.

Updated in 2025 to align with recent developments.

Related Posts:

  • ORJAL4DYNFOR3K2HJT2YITAO6Q
    Meta Warns of WhatsApp Security Threat
  • Robotics
    Nigeria Ranked As Africa’s Second Most Cyber-secure…
  • Microsoft Teams
    Microsoft Teams Vulnerability Exposes User Systems
  • Fastest-VPN-for-Streaming-Movies-TV-Shows
    5 Reasons To Consider Using A VPN When Streaming…
  • router-595x335_0
    US And UK Warn Of Custom Malware Vulnerability On…
  • newFile-4
    Dorsey Says Bitchat Software Lacks Security Review
  • c4398f2d-a521-487b-b68e-c986db06f158
    Microsoft Disables ActiveX in Office 2024 &…
  • 54864b620653bb3f721c8c73ab513568
    TikTok Launches "Security Checkup" Tool to Protect…

Discover more from TechBooky

Subscribe to get the latest posts sent to your email.

Paul Balo

Paul Balo

Paul Balo is the founder of TechBooky and a highly skilled wireless communications professional with a strong background in cloud computing, offering extensive experience in designing, implementing, and managing wireless communication systems.

BROWSE BY CATEGORIES

Select Category

    Receive top tech news directly in your inbox

    subscription from
    Loading

    Freshly Squeezed

    • Google Launches ‘vibe-coding’ App Called Opal July 26, 2025
    • Intel Plans to Spin off Network and Edge Division July 26, 2025
    • Investigation Underway into Starlink Global Outage July 26, 2025
    • Microsoft Look Into Microsoft 365 Admin Centre Outage July 26, 2025
    • FIRS Partners with Banks and Fintechs for VAT Monitoring July 26, 2025
    • X Experiments with Community Notes for Popular Content July 25, 2025

    Browse Archives

    July 2025
    MTWTFSS
     123456
    78910111213
    14151617181920
    21222324252627
    28293031 
    « Jun    

    Quick Links

    • About TechBooky
    • Advertise Here
    • Contact us
    • Submit Article
    • Privacy Policy
    Generic selectors
    Exact matches only
    Search in title
    Search in content
    Post Type Selectors
    • African
    • Artificial Intelligence
    • Gadgets
    • Metaverse
    • Tips
    • About TechBooky
    • Advertise Here
    • Submit Article
    • Contact us

    © 2025 Designed By TechBooky Elite

    Discover more from TechBooky

    Subscribe now to keep reading and get access to the full archive.

    Continue reading

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.