[Noisebridge-discuss] Physical USB block
Glen Jarvis
glen at glenjarvis.com
Sat Feb 20 20:38:54 UTC 2016
I don't think there is any secret that USB attacks are completely feasible
and impossible to detect after the fact:
*
http://www.extremetech.com/computing/187279-undetectable-indefensible-security-flaw-found-in-usb-its-time-to-get-your-ps2-keyboard-out-of-the-cupboard
* https://srlabs.de/badusb/
*
http://theinvisiblethings.blogspot.com/2009/10/evil-maid-goes-after-truecrypt.html
Often we miss the low-tech more obvious physical solutions to problems. For
example, this solution is a perfect low-tech solution to Webcam hacks:
http://www.amazon.com/Black-Slider-Webcam-Cover-Professional/dp/B018N0LCNM
I have a MacbookPro that I keep reasonably secure (well, as reasonably as
one can without controlling the OS yourself and without the ability to
completely trust Apple's security). Within those parameters, I would like
to block my USB Devices.
I know that I can physically block my devices with a tool such as these:
*
http://cdn.opentip.com/Electronics/Lindy-Usb-Port-Blocker-Pack-p-1971183.html
*
http://www.kensington.com/us/us/4483/lock-anchor-points-accessories#.VsjNYZMrJE7
[It's not clear to me, however, how easily I could remove the USB block
with the provided keys. Or, if what I'm about to explain below is already
solved in the above solution.]
I would like is a device that would allow me to take my tin hat off when I
want to. For example, a physical block like above that would allow a
connection into it and pass the connection to the USB port inside.
Physical keys (although they can be picked) generally allow only one
physical connection to perform a function (turning the lock). Is there a
USB Port blocker like above that would take it's own unique insertion,
passing the connection through the blocked USB device.
I would wish to use the device by placing it (as an adaptor) on a USB key
that I trust and then plugging that into the port blocked device. This
would allow some of the convenience of using USB as long as one had the
connector that would convert a USB to be connected to the blocked port.
This would allow a moderate increase in physical security -- at least one
would need to remove the blocked port and bypass the adaptor key to plug in
a USB device.
In summary, my macbook USB ports would all be "port blocked" with a plug.
And, each time I wanted to use USB, I simply took out my adaptor key,
placed it on the USB device in question, and then inserted it into the
"blocked port".
I am surprised I can't find this device to purchase. Has anyone found
someone like this?
If not, would someone start a kickstarter, make a million dollars off this
idea, and make a similar device that I can purchase :) Tell me where to
sign up. :)
Cheers,
Glen Jarvis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20160220/061b0d45/attachment-0002.html>
More information about the Noisebridge-discuss
mailing list