this post was submitted on 13 Nov 2024
1 points (100.0% liked)

cybersecurity

10 readers
1 users here now

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

founded 1 year ago
MODERATORS
[email protected]
1
Self-modifying USB mass storage? (zerobytes.monster)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink hide all child comments
 
The original post: /r/cybersecurity by /u/Deep_Sir9886 on 2024-11-12 17:16:44.

Could it be possible for a malicious USB mass storage device to modify itself? I.e., for the device's firmware to modify files stored on its media? I see no reason why not -- right? If so:

  1. What applications of such a method would best justify using it (and thus risking its detection), especially if deployed via supply-chain attack?
  2. What methods would best counter this threat? Encryption & signature before storage?
  3. Are the methods from #2 in fact universally deployed in the situations identified in #1?

(Apologies if this is duplicate. My former attempt contained an error which I *think* caused AutoModerator to delete it.)

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here