Feature #9569
Feature #5451: Protect against external bus exploitation
Research available protections against rogue USB devices
Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
06/13/2015
Due date:
% Done:
0%
Feature Branch:
Type of work:
Research
Blueprint:
Starter:
Affected tool:
Description
By "rogue USB" here we refer, for example, to the BadUSB attack described by SRLabs in https://srlabs.de/badusb and that can spread malicious firmware across USB peripherals.
- USBGuard
- source code
- Rule language for writting USB device authorization policies, supporting whitelisting and blacklisting based on device attributes
- daemon + IPC + a Qt applet
- in Debian Stretch
- needs some UX improvements before we ship it: https://github.com/dkopecek/usbguard/issues/157
- Linux kernel's "authorized_default" option for the
usbcoremodule- could be set to 0 when the system is locked (logind may help); note that this breaks things if the system's USB keyboard was unplugged while being locked
- setting this parameter on-the-fly isn't enough, one also needs to
for bus in /sys/bus/usb/devices/usb*; do echo 0 > ${bus}/authorized_default ; done - In GNOME: https://ryuzakikk.github.io/gnome/internship-preparation/, https://ryuzakikk.github.io/gnome/internship-update-1/, https://ryuzakikk.github.io/gnome/internship-update-2/, https://ryuzakikk.github.io/gnome/internship-update-3/, https://ryuzakikk.github.io/gnome/internship-update-4/
Related issues
History
#1 Updated by intrigeri over 4 years ago
- Related to Feature #5684: Screen locker added
#2 Updated by intrigeri over 4 years ago
- Related to Feature #5451: Protect against external bus exploitation added
#3 Updated by sajolida over 4 years ago
What do you mean by "rogue USB devices" here?
#4 Updated by sajolida over 4 years ago
Found an answer already.
#5 Updated by sajolida over 4 years ago
- Description updated (diff)
#6 Updated by intrigeri over 4 years ago
- Related to Feature #8989: Prompt before activating non-storage USB devices plugged after login added
#7 Updated by intrigeri over 4 years ago
- Related to deleted (Feature #8989: Prompt before activating non-storage USB devices plugged after login)
#8 Updated by intrigeri over 4 years ago
- Duplicated by Feature #8989: Prompt before activating non-storage USB devices plugged after login added
#9 Updated by intrigeri over 2 years ago
- Related to deleted (Feature #5451: Protect against external bus exploitation)
#10 Updated by intrigeri over 2 years ago
- Parent task set to #5451
#11 Updated by intrigeri over 2 years ago
- Description updated (diff)
#12 Updated by muri about 1 year ago
intrigeri wrote:
- needs some UX improvements before we ship it: https://github.com/dkopecek/usbguard/issues/157
for the record: there is ongoing work to include usbguard protection in gnome3: https://ryuzakikk.github.io/gnome/internship-preparation/ & https://ryuzakikk.github.io/gnome/internship-update-1/
#13 Updated by sajolida 11 months ago
- Related to Bug #15767: Inserting encrypted USB drive does not prompt for decryption added
#14 Updated by sajolida 11 months ago
- Related to Feature #15900: Consider mounting external drives automatically (enable automount) added