[Cryptography] USB firewall/condom HW/SW

Bertrand Mollinier Toublet crypto-metzdowd at bmt-online.org
Mon Mar 13 15:47:53 EDT 2017


> On Mar 12, 2017, at 22:41, Henry Baker <hbaker1 at pipeline.com> wrote:
> 
> FYI --
> 
> https://github.com/robertfisk/USG/wiki
> 
> The USG is a firewall for your USB ports.  It connects between your computer and an untrusted USB device, isolating the badness with an internal hardware firewall.
> 
> Why should I use a USG?
> 
> Say you just bought yourself a shiny new USB flash drive.  You rip it out of the packaging and plug it straight into your computer.  Oops, big mistake!
> 
> * Do you know who developed your flash drive's firmware?  (It's probably not the company name printed on the packaging)
> 
> * Has the firmware been audited for backdoors and malicious functionality?
> 
> * Can you confirm that the firmware running on your drive hasn't been maliciously modified during or after manufacture?
> 
> If you can't answer 'yes' to all these questions, you should not trust that shiny new flash drive.  Plugging it in gives full control of your computer to whoever wrote your drives' firmware.
> 
[…]
> ---
> Any thoughts?
> 
Ah, yes. Without even having to look at the details of the product, the self-targeting irony of their marketing is striking… 

Do I know who developed the USG’s firmware? No. 
Has the USG firmware been audited for backdoors and malicious functionality? I have no idea. 
Can I confirm that the firmware running on the USG has not been maliciously modified during or after manufacture? Certainly not.

Do I see any benefit in plugging that one random device into my computer over any other random USB device? Afraid not.
-— 
Bertrand


More information about the cryptography mailing list