First, the good news: that unpatchable security flaw in USB devices first brought to light over the summer affects only about half of the things you plug into your USB port. The bad news is it’s nearly impossible to sort out the secure gadgets from the insecure ones without ripping open every last thumb drive.
At the PacSec security conference in Tokyo on Wednesday, hacker Karsten Nohl presented an update to his research on the fundamental insecurity of USB devices he’s dubbed BadUSB. Nohl and his fellow researchers Jakob Lell and Sascha Krissler have analyzed every USB controller chip sold by the industry’s eight biggest vendors to see if their hack would work against each of those slices of silicon. The results: Roughly half of the chips were immune to the attack. But predicting which chip a device uses is practically impossible for the average consumer.
“It’s not like you plug [a thumbdrive] into your computer and it tells you this is a Cypress chip, and this one is a Phison chip,” says Nohl, naming two of the top USB chip manufacturers. “You really can’t check other than by opening the device and doing the analysis yourself…The scarier story is that we can’t give you a list of safe devices.”
Nohl’s BadUSB attack, which he revealed at the Black Hat security conference in August, takes advantage of the fact that a USB controller chip’s firmware can be reprogrammed. That means a thumb drive’s controller chip itself, rather than the Flash storage on that memory stick, can be infected with malware that invisibly spreads to computers, corrupts files stored on the drive, or quietly begins impersonating a USB keyboard to type commands on the victim’s machine.
“You’d Never Get Away With This in a Laptop”
Now Nohl’s research team has tested that reprogrammability problem in USB controller chips sold by the industry’s biggest vendors: Phison, Alcor, Renesas, ASmedia, Genesys Logic, FTDI, Cypress and Microchip. They checked versions of each chip both by looking up its published specs and by plugging a device using it into a computer and attempting to rewrite the chip’s firmware.
They found an unpredictable patchwork of results. All of the USB storage controllers from Taiwanese firm Phison that Nohl tested, for instance, were vulnerable to reprogramming. Chips from ASmedia weren’t, Nohl’s tests found. Controller chips from fellow Taiwanese company Genesys that used the USB 2 standard were immune, but ones that used the newer USB 3 standard were susceptible. In other categories of device like USB hubs, keyboards, webcams and mice, the results produced an even messier Excel spreadsheet of “vulnerable,” “secure,” and “inconclusive.”
Those findings go far beyond Nohl’s initial research, which focused only on Phison, the USB storage chipmaker with the largest market share. He’s published a rundown of his findings about all the chips his team analyzed here.
The problem remains that consulting Nohl’s data won’t do consumers much good. Unlike computer makers that advertise “Intel Inside,” USB device makers don’t label their products with the chip they’ve integrated from some obscure Taiwanese company. And they often switch chips—even in the same product—to take advantage of whichever supplier can give them those semiconductors for a few pennies cheaper that month. In an analysis of USB controller chips at the security conference Shmoocon earlier this year, security researcher Richard Harman found that Kingston used half a dozen different companies’ USB chips. “That Kingston flash drive could have USB controllers from any of five or six vendors,” Nohl says.
Nohl says that means combatting BadUSB will require device makers to clearly label the chips their products use. “You’d never get away with this in a laptop. People would go crazy if they bought a computer and it wasn’t the chip they saw in the review they read,” he says. “It’s just these USB devices that come as black boxes.”
The difficulty of creating such a labeling system adds yet another hurdle to fixing the underlying issues that make BadUSB so nasty a problem. Those difficulties convinced Nohl not to release the proof-of-concept code for his BadUSB attack when he demonstrated it at Black Hat, for fear it might be replicated by malicious hackers. But two independent researchers reverse engineered the attack and published their own BadUSB code last month, in the interest of allowing further study of the problem and pressuring companies to fix it.
At least one company already does purposefully protect against BadUSB attacks: Imation-owned USB maker Ironkey requires that any new updates to its thumbdrives’ firmware be signed with an unforgeable cryptographic signature that prevents malicious reprogramming. Other USB makers could follow that model, Nohl says.
But among major vendors, even the USB chips that he and his researchers found to be immune from BadUSB were only protected “by accident,” Nohl argues. Those chips, he said, were custom-designed for a unique application to save money, making them impossible to reprogram. But “every chip that could be reprogrammable is reprogrammable,” and thus vulnerable to BadUSB, Nohl says.
Nohl’s research is in part a rebuttal to critics who argued his original BadUSB presentation focused too narrowly on leading chipmaker Phison. In some sense, those critics were right: some USB chips from other vendors do seem to be immune from the problem. But in a broader sense, Nohl argues that the tangled mix of secure and insecure USBs and the total lack of transparency in the USB device industry means that practically every device is suspect. “Some people have accepted that USB is insecure. Others remember BadUSB only as the Phison bug. That second group needs to wake up to the same level of awareness of the first group,” Nohl says. “For practical purposes, it affects potentially everything.”