Universal Serial Bus, is an business normal that defines cables, connectors and communications protocols for connection, communication, and energy provide between computer systems and units.
Security researchers from the University of Adelaide found that Universal Serial Bus (USB) connections are uncovered to info leakage, making them even much less secure than has been imagined.
They examined over 50 completely different computer systems and exterior hubs and found that the majority of them are weak to crosstalk leakage impact that not directly exposing delicate information to a educated attacker.
According to researchers:
“We have tested over 50 different computers and external hubs and found that over 90% of them suffer from a crosstalk leakage effect that allows malicious peripheral devices located off the communication path to capture and observe sensitive USB traffic. We also show that in many cases this crosstalk leakage can be observed on the USB power lines, thus defeating a common USB isolation countermeasure of using a charge-only USB cable which physically disconnects the USB data lines.”
“USB-connected devices include keyboards, cardswipers and fingerprint readers which often send sensitive information to the computer,” says undertaking leader Dr Yuval Yarom, Research Associate with the University of Adelaide’s School of Computer Science.”
Dr Yarom stated that “Electricity flows like water along pipes – and it can leak out. In our project, we showed that voltage fluctuations of the USB port’s data lines can be monitored from the adjacent ports on the USB hub.”
The analysis (USB Snooping Made Easy) just isn’t but public and will likely be proven subsequent week on the USENIX security convention in Vancouver, Canada