Interesting: Bad USB malware concept

[RAMd®d]

Who's Alice and Bob? Was Bob fooling around....

It's not Bob & Carol & Ted & Alice.

It's about public keys.

And not in a fishbowl.

[sekker]

I'll wait for this to be vetted.

I'm also not going to live my life worrying about these kind of issues unless there is a clear exploit in the wild.

[decay]

http://www.forbes.com/sites/gordonkelly/...-security/

The exploit is already being tied to ‘Cottonmouth’, a USB spy device revealed last year in the leaks of Edward Snowden. The NSA hid Cottonmouth in peripheral plugs that were then connected to key computers. The exact operation of Cottonmouth was never revealed but Matt Blaze, computer science professor at the University of Pennsylvania, told Wired “I wouldn’t be surprised if some of the things [Nohl and Lell] discovered are what we heard about in the NSA catalogue.”

Nohl takes this a step further. He argues USB devices should be treated as if they are hypodermic needles . “In this new way of thinking, you can’t trust a USB just because its storage doesn’t contain a virus. Trust must come from the fact that no one malicious has ever touched it. You have to consider a USB infected and throw it away as soon as it touches a non-trusted computer. And that’s incompatible with how we use USB devices right now.”