Schedule

Schedule

Monday, September 22

1411408800 Triangulation
1411414200 iPad Today
1411426800 Tech News 2Night
1411428600 Marketing Mavericks

Tuesday, September 23

1411491600 Tech News Today
1411495200 MacBreak Weekly
1411502400 Security Now
1411509600 Before You Buy
1411513200 Tech News 2Night
1411516800 All About Android
1411525800 Padre's Corner

Wednesday, September 24

1411572600 FLOSS Weekly
1411578000 Tech News Today
1411581600 Windows Weekly
1411588800 This Week in Google
1411599600 Tech News 2Night
1411601400 redditUP
1411606800 Ham Nation

Thursday, September 25

1411664400 Tech News Today
1411668000 Know How...
1411671600 The Social Hour
1411677000 Coding 101
1411680600 Home Theater Geeks
1411686000 Tech News 2Night
1411687800 The Giz Wiz
1411696800 OMGcraft

Friday, September 26

1411750800 Tech News Today
1411754400 This Week in Law
1411761600 Android App Arena
1411772400 Tech News 2Night

Saturday, September 27

1411840800 The Tech Guy

Sunday, September 28

1411927200 The Tech Guy
1411941600 This Week in Tech

Monday, September 29

1412010000 Tech News Today
1412013600 Triangulation
1412019000 iPad Today
1412031600 Tech News 2Night
1412033400 Marketing Mavericks

Tuesday, September 30

1412096400 Tech News Today
1412100000 MacBreak Weekly
1412107200 Security Now
1412114400 Before You Buy
1412118000 Tech News 2Night
1412121600 All About Android
1412130600 Padre's Corner

Wednesday, October 1

1412177400 FLOSS Weekly
1412182800 Tech News Today
1412186400 Windows Weekly
1412193600 This Week in Google
1412204400 Tech News 2Night
1412206200 redditUP
1412211600 Ham Nation

Thursday, October 2

1412269200 Tech News Today

Most Recent Episodes

This Week in Tech
Episode #476: Brain in a Jar September 21st, 2014

Apple gold, warrant canaries, Fire for kids, Larry Ellison's island, and more.

The Tech Guy
The Tech Guy 1120 September 21st, 2014

Are iOS alternate keyboards secure?

The Tech Guy
The Tech Guy 1119 September 20th, 2014

Where is the best place to buy a gaming PC?

Tech News 2Night

Selling Drugs on Instagram

This Week in Law

Did the FBI sleuth or hack to find the location of the Silk Road server?

Android App Arena
Episode #13: Material Design September 19th, 2014

Hands-on reviews of Reddit News, Today Calendar, Wally and Hangouts Dialer.

TWiT Live Specials
Episode #207: iPhone 6 Unboxing September 19th, 2014

Leo unboxes a brand new iPhone 6.

Tech News Today

The launch of the iPhone 6 and iPhone 6 Plus was greeted by long lines and widespread shortages.

This Week in Computer Hardware

New Moto X, GTX 980 leaks, and people raving regarding the iPhone 6.

The Giz Wiz
Episode #1486: No Potato Rotato September 18th, 2014

Capresso, self centering measuring tape, cut resistant gloves.

Know How... 106

Bad USB, I Am Groot, and Defcon

August 14 2014

A USB hack that will make you drop your packets, Patrick Djelahanty shows how he built the "Baby Groot" out of common parts, see soundwaves, lock picking, and Defcon wrap up.

"Bad USB"
* German Researchers Karsten Knoll and Jacob Lell discovered an exploit in the way USB works
* ALL USB devices use some form of controller. They're small computers that interface the USB serial communications protocol with whatever device we want to connect via USB.
-- That controller is actually a small computer... and the computer runs an operating system that is determined by firmware.

What's the Exploit?
* The way that USB was created, that firmware is updateable. It's updateable because the creators of the USB standard wanted manufacturers to be able to reprogram the firmware if a flaw was ever discovered in that firmware.
* HOWEVER, that also means that a malicious user (hacker) could reprogram the firmware to make the device act in a way that the manufacturers had not intended.

What does that all mean?
* This means that a USB flash drive could be reprogramed to act like a keyboard
-- So after you plug it in, it issues a series of keystrokes that (for example) open Internet Explorer, navigate to a page that contains malware, then close the browser... all in a matter of seconds
* Or a USB flash drive could be reprogrammed to act like a network adapter
-- All the traffic you send and receive from your network would pass through this new network adapter, which would forward the packet stream to another computer before sending your trafic to the proper destinations.

Worse still... since your computer has USB devices INTEGRATED into the system (Keyboard, Mouse, Webcamera, Card Reader) a compromised USB device could be used to compromise the USB devices in your computer, which would then compromise any USB device that connects to your computer.

Ok... so why not just run an anti-virus? Or copy over new firmware? Or just make USB firmware non-programmable?

Let's take that one at a time: Anti-Virus
* Your system cannot see past the controller of a USB device.
-- The way USB devices work, the system can query the controller, and the controller will tell the system the status of the USB device.
-- If the controller is compromised, then you cannot trust it to report the correct status
** In other words, the only way an Anti-Virus would work would be if the malware infecting the USB device was programmed to tell the system that it was compromising the controller... an unlikely scenario.

Copying New Firmware:
* As with the Anti-Virus question, the system cannot see past the controller.
* When you update firmware on a USB device, the new firmware is loaded into memory, then the controller is responsible for overwriting its old firmware and reporting back to the system with the new firmware status.
* If I was writing BadUSB malware, the first thing I would to would be to disable that process: Allow the controller to copy the new firmware to memory, then strip off the revision number of the new firmware and report THAT to the system.
-- The system thinks it has new firmware, but the malware is still there.

Making USB devices unprogrammable:
* This is the most likely solution, but there are two MAJOR problems
1. It doesn't fix the BILLIONS of USB devices that are already in the wild.
2. If a manufacturer ever discovers a problem with their firmware (say, an exploit) there is no way to patch it.

Connect with us!
Don't forget to check out our large library of projects at www.twit.tv/kh.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj, @Cranky_Hippo and @Anelf3
- Check out our transcripts.

Sponsors: