Skip to main content
  1. Home
  2. Computing
  3. News

USB Type-C will feel a little safer with new authentication certification

By

usb if specifications screen shot 2015 11 04 at 5 53 52 pm
Image used with permission by copyright holder
Since early last year, the USB Type-C standard has been trying to infiltrate your devices by marketing itself as a versatile, reversible, and someday universal replacement for the long-running rectangular USB format you’ve likely been accustomed to for the past decade at least. And, for a connector that wants to overtake something as familiar and beloved as the USB, it’s been faring pretty well actually.

In fact, the USB Type-C’s most problematic pitfall isn’t in the design of the connector itself, but in the hardware that utilizes it. Back in November, we reported that senior software engineer at Google, Benson Leung, starting reviewing “bad” USB Type-C cables after realizing that an excessive number of them simply didn’t work as they were intended to across all properly equipped devices. Worse yet, some of them were potentially hazardous, with evidence indicating that they could deal considerable damage to chargers, USB hubs, and even computers.

Today, the USB Implementers Forum, or USB-IF, announced the USB Type-C authentication specification at the Intel Developer Forum in Shenzhen, China in order to prevent this situation from getting worse, as well as to combat some unwanted malware that has begun showing up.

Related

As Ars Technica reports, the new spec allows a host device, such as a phone or laptop, to recognize whether or not the USB Type-C connector has been certified by the USB-IF. It accomplishes this by using 128-bit encryption prior to even transmitting data or establishing a power connection.

While you may not think about how malware affects your USB devices, USB-IF said at the forum that, as an example, a bank that was concerned about the security of its USB flash drives could set up their computers so that they only work with drives marked with the bank’s own security certificates. Because the specification “references existing internationally accepted cryptographic methods for certificate format, digital signing, hash and random number generations,” USB-IF claims that it will not be difficult for organizations to make the switch from USB proper.

While USB-IF claims that support for the new specifications could be issued in a series of firmware and software updates at the discretion of OEMs, hardware without the ability to receive these kinds of updates will need to be replaced altogether.

Furthermore, a small “developer-only” update has been made to the USB Power Delivery spec that brings authentication spec support and USB Type-C Bridging that’s otherwise identical to the Power Delivery 2.0 spec.

The USB Implementers Forum has previously attempted to avert this threat by launching the USB-IF Compliance Program, which demanded that connectors be put through testing in order for developers to utilize the USB-IF logo in their marketing. This certification would thereby incentivize an effort towards universal compatibility with USB Type-C devices.

We have reached out to the USB Implementers Forum to hear more about this undertaking and will provide updates as they continue to emerge.

Editors’ Recommendations

Topics
Gabe Carey
Gabe Carey
Former Digital Trends Contributor
A freelancer for Digital Trends, Gabe Carey has been covering the intersection of video games and technology since he was 16…
The best USB-C hubs
best usb c hubs kingston nucleum hub

Most laptops today use USB Type-C as their primary (and sometimes only) ports. While USB-C has plenty of benefits, including pass-through charging and faster data transfer speeds, most people still have accessories with USB-A connections. Combine that with HDMI ports and SD cards, and USB-C still has a long way to go before it becomes a universal standard.

That’s why most people who buy a new laptop can benefit from a USB-C hub. The same goes for users who work primarily on laptop alternatives like the iPad Pro or the 2020 iPad Air. A USB-C hub allows users to connect their accessories, such as external monitors, external hard drives, and even peripherals like mice and keyboards.

Read more
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more