Protect against BadUSB device
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
During the last months, it appeared that the theoretical threat of a compromised USB device acting as keyboard became a real possibility: https:/
The solution against such threat is simply to ask the user the confirmation before binding a new USB device as keyboard and a solution was already documented: http://
Similar solution already exist for MS Windows: http://
Even though the probability to get a compromised USB device is low, the security threat is serious and since the solution is simple, Ubuntu should be protected properly asap.
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: udev 204-5ubuntu20.8
ProcVersionSign
Uname: Linux 3.13.0-39-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.5
Architecture: amd64
CurrentDesktop: Unity
Date: Tue Nov 18 02:48:36 2014
EcryptfsInUse: Yes
InstallationDate: Installed on 2014-08-25 (84 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64+mac (20140417)
MachineType: LENOVO 4298RD9
ProcKernelCmdLine: BOOT_IMAGE=
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 07/07/2011
dmi.bios.vendor: LENOVO
dmi.bios.version: 8DET50WW (1.20 )
dmi.board.
dmi.board.name: 4298RD9
dmi.board.vendor: LENOVO
dmi.board.version: Not Available
dmi.chassis.
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.
dmi.modalias: dmi:bvnLENOVO:
dmi.product.name: 4298RD9
dmi.product.
dmi.sys.vendor: LENOVO
information type: | Private Security → Public Security |
Changed in ubuntu: | |
status: | New → Confirmed |
Sadly, the solution is not easy nor obvious. Ubuntu is used in a wide variety of different ways and many of them do not lend themselves well to just popping up a dialog box.
Furthermore, the problem is not at all restricted to just devices that can be reprogrammed to act like keyboards.
A fairly lengthy discussion can be found here: http:// www.openwall. com/lists/ oss-security/ 2014/08/ 09/4
Thanks