Researchers expose vulnerabilities in USB implementations




Security researchers have demonstrated holes in USB implementations at the Black Hat security conference in Amsterdam. For example, one researcher found a vulnerability in various Samsung phones running Android.

Security researcher André Pereira showed during the European edition of Black Hat how he managed to obtain root access on a Samsung Galaxy Ace using a modified USB connector. The researcher used commands that Samsung built in to allow the management tool Select to communicate with a phone.

An attacker could use this, among other things, to flash new firmware onto a device. He could also install a surveillance app that cannot be removed, or send expensive SMS messages. Flashing would not go unnoticed: the device reboots and then displays a message. In addition, the attacker must have physical access to the phone, for example via a specially prepared charger.

The Galaxy Ace is not the only affected model; other Samsung phones are vulnerable to the attack as well, Pereira told Tweakers. “Among others, the Samsung Galaxy S3,” said the Portuguese security researcher, who has been in contact with Samsung about the security problem but does not know whether the Korean company will come up with a patch. Pereira has not tested whether even newer Samsung phones are vulnerable.

Security researchers Sergej Schumilo and Ralf Spenneberg showed at the same security conference how they built a tool to find vulnerabilities in USB drivers. Currently, this tool only works for USB drivers on Linux, but the researchers also want to put Windows drivers under the microscope. According to them, it is a lot harder to test drivers under Windows in an automated way.

The researchers used fuzzing, a process in which a program is fed random data until it crashes. If an application crashes, it may in theory be possible to inject one's own code into memory. The researchers fully automated the testing of drivers using virtualization. On a Xeon server with 24 cores and 64 gigabytes of internal memory, they managed to perform 320 tests per second, or more than one million tests per hour.

The researchers call the results shocking: 0.3 percent of the tests caused a security problem that could in theory be abused. They have not tested whether that is actually possible. These problems include, for example, segmentation faults: moments at which an attacker could inject his own code.

