[Cryptography] USB firewall/condom HW/SW
Tom Mitchell
mitch at niftyegg.com
Mon Mar 13 20:22:38 EDT 2017
On Mon, Mar 13, 2017 at 12:47 PM, Bertrand Mollinier Toublet
<crypto-metzdowd at bmt-online.org> wrote:
>> On Mar 12, 2017, at 22:41, Henry Baker <hbaker1 at pipeline.com> wrote:
>>
...
>> https://github.com/robertfisk/USG/wiki
>>
>> The USG is a firewall for your USB ports. It connects between your computer and an untrusted USB device,
....
>> If you can't answer 'yes' to all these questions, you should not trust that shiny new flash drive. Plugging it in gives full control of your computer to whoever wrote your drives' firmware.
>>
...
>> Any thoughts?
>>
...
> Do I see any benefit in plugging that one random device into my computer over any other random USB device? Afraid not.
One benefit is that it is a single device to protect from a multitude
of random unknown USB devices.
Also, two devices from two sources would need to be compromised in a
compatible way for an attack to be easy.
Trust is a problem with turtles a long way down.
--
T o m M i t c h e l l
More information about the cryptography
mailing list