This invention relates generally to serial buses and, more specifically, relates to USB devices and their firmware.
This section is intended to provide a background or context to the invention disclosed below. The description herein may include concepts that could be pursued, but are not necessarily ones that have been previously conceived, implemented or described. Therefore, unless otherwise explicitly indicated herein, what is described in this section is not prior art to the description in this application and is not admitted to be prior art by inclusion in this section. Abbreviations and acronyms used in this document and/or the drawings are defined below, prior to the claims.
Universal serial bus (USB) connections and devices have become ubiquitous, and for good reason: these allow users to connect many different devices through a common connection and interface. For instance, a user can connect peripherals such as pointing devices (e.g., trackballs or mice), audio cards or digital-to-analog converters, keyboards, memories such as memory sticks or hard drives, cameras, cellular phones, and the like to hosts such as computers, all with a single physical interface.
The pervasive availability of USB connectivity throughout computer and mobile peripherals, however, makes USB an increasingly appealing attack vector. Misbehaving USB devices are a threat to the security of the hosts to which they are attached. This is particularly true, given that the device drivers on the host typically run at a high privilege level, meaning they have access to computer resources they would not otherwise have. For instance, applications typically have lower privileges than do device drivers such as those used for USB devices. Thus, such attacks have the potential to fully compromise the host.
By exploiting weak spots in device driver implementations on the host side, a USB device can gain control over the host. As an example, a vulnerability referred to as CVE-2016-2384 is described as allowing “physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.” See the National Institute of Standards and Technology, National Vulnerability Database, vulnerability identification CVE-2016-2384.
USB devices that misbehave can be created in different ways: on one hand, misbehaving USB devices can already be created with malicious intent; while on the other hand, it has been shown that benign USB devices can be modified to misbehave. Thus, even “good” USB devices can be modified to be “bad”. One such example is a USB “hack” referred to as “BadUSB”, which is described as a hack that “reprograms embedded firmware to give USB devices new, covert capabilities.” See Dan Goodin, “This thumbdrive hacks computers. ‘BadUSB’ exploit makes devices turn ‘evil’”, Ars Technica (Jul. 31, 2014).
Consequently, while USB devices are undoubtedly beneficial, they have also become more dangerous. It is currently difficult to prevent or ameliorate attacks by misbehaving USB devices, regardless of how they are created.