In many respects, the BadUSB hack is more pernicious than simply loading a USB stick with the kind of self-propagating malware used in the Stuxnet attack. For one thing, although the Black Hat demos feature only USB2 and USB3 sticks, BadUSB theoretically works on any type of USB device. And for another, it's almost impossible to detect a tampered device without employing advanced forensic methods, such as physically disassembling and reverse engineering the device. Antivirus scans will turn up empty. Most analysis short of sophisticated techniques rely on the firmware itself, and that can't be trusted.
It's easy to forget some of the more innovative and eye-popping hacks by the good guys in 2014 amid the painful and unprecedented wave of cybercrime, cyber espionage, and cyber mayhem that the world has witnessed the past 12 months.
The German security company SySS GmbH discovered that many, but not all, of today's encrypted USB sticks and flash drives are actually vulnerable to a relatively easy attack. It is not that the encryption itself-usually AES (Advanced Encryption Standard) encryption--that has been broken. It hasn't been. Despite what you may have read from some fear-mongers, AES remains unbroken.
Another interesting possibility is to go visit ahackerspace. There is a burgeoning movement of people creatingphysical locations - maker's clubs - where they can hang out to workon hardware and software projects together, or work solo in a cogenialatmosphere. Hackerspaces often collect tools and specializedequipment that would be too expensive or logistically inconvenient forindividuals to own. Hackerspaces are easy to find on the Internet;one may be located near you. 2b1af7f3a8