Skip to main content

Plug the USG into your port before you plug in that new USB flash drive

usg protects against usb based malware usage diagram header
Robert Fisk
A number of nasty methods exist to remotely exploit a device, for example, a router that is connected to the internet. There are even more ways to exploit a PC if the cybercriminal has physical access to it. But the most embarrassing, perhaps, is when you infect your own PC by plugging in a malware-infested USB flash drive.

That is probably not terribly fair — anyone can be tricked into plugging in such devices, given that they are designed to look just like any other flash drive. And there is little you can do to protect yourself against them, which is something a new hardware firewall called USG is intended to help prevent, Hackaday reports.

The reason malware-infected USB flash drives are so dangerous is that devices using attacks like BadUSB inject their malicious code directly into the USB driver software that enables a PC to connect to a USB device. The code is executed by the USB device’s own microprocessor, meaning there is no virus file being accessed on the PC that antivirus software can recognize and protect against.

The USG device created by engineer Robert Fisk sits in between the PC’s USB port and any device that is going to be plugged in, inserting an SPI hardware firewall to isolate any bad USB device. Because the firmware of the USG device is completely open, anyone with the technical know-how can dig into it and verify that it can be trusted — something that’s just not possible with the typical USB flash drive.

According to some sources, even factory-fresh USB flash drives can’t be assumed free of malware, backdoors, and other nefarious purposes, and so a device like the USG could one day be more than just a luxury of the paranoid. Fisk provides details on how to build your own USG device, along with information on how and why it works. He also sells a version that is more professional in appearance for $60, in case you don’t have the time or technical inclination to build your own.

Updated on 3-6-2017 by Mark Coppock: Clarified that the USG is an SPI hardware firewall and updated pricing information.

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more