Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Researchers discover way to create trojans in USB hardware
Tech 1984 ^ | 7/6/2010 | Tech 1984

Posted on 07/06/2010 3:36:38 PM PDT by oc-flyfish

Wonderful, just one more way for our benevolent federal government to spy on us.


TOPICS: Crime/Corruption; Government; News/Current Events; Technical
KEYWORDS: hacker; trojan; usb
Navigation: use the links below to view more comments.
first 1-2021-30 next last

1 posted on 07/06/2010 3:36:44 PM PDT by oc-flyfish
[ Post Reply | Private Reply | View Replies]

To: ShadowAce; bamahead

fyi


2 posted on 07/06/2010 3:40:10 PM PDT by rabscuttle385 (Live Free or Die)
[ Post Reply | Private Reply | To 1 | View Replies]

To: oc-flyfish

Hey, I just sent in my donation to FR. You should do the same thing too!


3 posted on 07/06/2010 3:40:26 PM PDT by oc-flyfish
[ Post Reply | Private Reply | To 1 | View Replies]

To: oc-flyfish

And what do we get if we donate? A FR cap?


4 posted on 07/06/2010 3:46:03 PM PDT by Soothesayer9
[ Post Reply | Private Reply | To 3 | View Replies]

To: oc-flyfish

I know an It guy (really great) who cleans my puter every so often.

He said I had some really bad stuff on it this time.
Do you know anything about a trojan called BHO-AM? I get hit every morning around 4:30.

It is really PMO.


5 posted on 07/06/2010 3:47:53 PM PDT by Marty62 (marty60)
[ Post Reply | Private Reply | To 1 | View Replies]

To: oc-flyfish

I wonder if this is unique to Windows systems...the article doesn’t say.


6 posted on 07/06/2010 3:48:03 PM PDT by bigbob
[ Post Reply | Private Reply | To 1 | View Replies]

To: Soothesayer9

The ability to keep FR online for another 3 months. :-)


7 posted on 07/06/2010 3:48:08 PM PDT by oc-flyfish
[ Post Reply | Private Reply | To 4 | View Replies]

To: bigbob

The article does not say. I think it would work across systems but the trojan would have to be written to “understand” the system calls used by a Mac, versus Linux, versus Windows.


8 posted on 07/06/2010 3:50:03 PM PDT by oc-flyfish
[ Post Reply | Private Reply | To 6 | View Replies]

To: Marty62

Gee, I have the same BHO one as well! I hear it self destructs in 2012.


9 posted on 07/06/2010 3:50:50 PM PDT by oc-flyfish
[ Post Reply | Private Reply | To 5 | View Replies]

To: oc-flyfish
Let's no forget Red China.Just about every USB drive is made either in Taiwan or Red China itself.And The Chicoms certainly have enough operatives in Taiwan so that their units would be suspect as well.
10 posted on 07/06/2010 3:52:01 PM PDT by Gay State Conservative (''I don't regret setting bombs,I feel we didn't do enough.'' ->Bill Ayers,Hussein's mentor,9/11/01)
[ Post Reply | Private Reply | To 1 | View Replies]

To: oc-flyfish

OK!:)


11 posted on 07/06/2010 3:56:00 PM PDT by Marty62 (marty60)
[ Post Reply | Private Reply | To 9 | View Replies]

To: oc-flyfish

I cleaned my USB drive, but after I got it out of the dryer, it no longer worked.


12 posted on 07/06/2010 3:57:57 PM PDT by UCANSEE2 (The Last Boy Scout)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Gay State Conservative

>>Let’s no forget Red China.

Hey, I know... let’s outsource the manufacturing of vlsi chips critical to economic and military industrial infrastructures to our “former” enemies and current competitors. What could possibly go wrong?


13 posted on 07/06/2010 4:27:05 PM PDT by LomanBill (Animals! The DemocRats blew up the windmill with an Acorn!)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Soothesayer9; oc-flyfish; All
"And what do we get if we donate? A FR cap?"

"The ability to keep FR online for another 3 months. :-)"

...and quite possibly........

Photobucket

14 posted on 07/06/2010 4:35:01 PM PDT by musicman (Until I see the REAL Long Form Vault BC, he's just "PRES__ENT" Obama = Without "ID")
[ Post Reply | Private Reply | To 4 | View Replies]

To: oc-flyfish
Here's the referenced article:

http://tarpit.rmc.ca/leblanc/Research/Clark_Leblanc_Knight-HW_Trojan_Horse_Unintended_USB_Channels.pdf

Bah.

15 posted on 07/06/2010 5:02:59 PM PDT by TChad
[ Post Reply | Private Reply | To 1 | View Replies]

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

16 posted on 07/06/2010 5:28:08 PM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: musicman
Obama BS decoder?? You mean this:


17 posted on 07/06/2010 5:44:01 PM PDT by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 14 | View Replies]

To: Soothesayer9
no, the knowledge you're no longer a freeloader...
18 posted on 07/06/2010 5:47:20 PM PDT by Chode (American Hedonist *DTOM* -ww- NO Pity for the LAZY)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Still Thinking
Muttley Laugh
19 posted on 07/06/2010 6:14:48 PM PDT by musicman (Until I see the REAL Long Form Vault BC, he's just "PRES__ENT" Obama = Without "ID")
[ Post Reply | Private Reply | To 17 | View Replies]

To: TChad
Thanks for the link.

From the penultimate (and it should have been a lot closer to the front of the paper) page:

3.4.1. Observability. Someone with direct observation of compromise a network endpoint, without attempting access the network endpoint would be able to notice the uploading through the network. of applications, as the text entered by the Hardware Trojan Horse device would appear on the display as text being entered by the keyboard. A user at the network endpoint could also disrupt the uploading of the applications because any characters entered on the legitimate keyboard would be passed to the file containing the uploaded application.

I skimmed the paper, and I believe that a short summary is that a USB keyboard can be programmed to capture keystrokes and also can be setup to automatically type commands that can lead to compromise of data stored the system.

(There's a whole elaborate bit about using audio and keyboard LEDs that I fail to see much use for, but I didn't spend a great deal of time with this paper since the overall attack doesn't seem very covert.)

20 posted on 07/06/2010 6:18:20 PM PDT by snowsislander (In this election year, please ask your candidates if they support repeal of the 1968 GCA.)
[ Post Reply | Private Reply | To 15 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-30 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson