Montag, 8. Juni 2015


This one is kind of tricky. You want to have a closed computerized system in your laboratory. But on the other hand, you want to be able to have USB access to your system, in case a service technician has to save documents on a flash device. And here exactly starts the problem…

Do you know how to flash a USB ROM, to get this device to install “software” as a “USB Driver” or to download data silently? You don`t? This technique exists! And hold in the wrong hands, it opens a super massive vulnerability in unsecured computer systems. The most important questions here are: Do you trust your service engineer/employee? Are you prepared for such attacks? Do you really need USB connectivity?

Personally, I do not know how to be 100% save and I hope to get valuable inputs…

One direct action could be, to use hardware USB port blockers for all open ports ( and register your must have hardware (like your mice and keyboard) in the device manager, then block everything else. Inputs on this topic are highly appreciated!!

Also read this article ( and/or search Google for keywords like “usb rom vulnerability windows”, “usb rom vulnerability mac”, “bad usb”.


Keine Kommentare:

Kommentar veröffentlichen