Comments on: Research Compares USB devices to Dirty Needles – What now? https://www.emsisoft.com/en/blog/8041/usb-devices-and-dirty-needles/ Straight-talking security advice from the Malware Experts Fri, 18 Nov 2022 12:12:06 +0000 hourly 1 By: Александр Глазер ® https://www.emsisoft.com/en/blog/8041/usb-devices-and-dirty-needles/#comment-238827 Mon, 25 Aug 2014 01:50:00 +0000 http://blog.emsisoft.com/?p=8041#comment-238827 Буду очень признателен за USB в подарок. С предложением пишите на почту resst72@mail.ru

]]>
By: Legend https://www.emsisoft.com/en/blog/8041/usb-devices-and-dirty-needles/#comment-232356 Sat, 16 Aug 2014 14:15:00 +0000 http://blog.emsisoft.com/?p=8041#comment-232356 In reply to emsisoft_steve.

So true……. = D

]]>
By: emsisoft_steve https://www.emsisoft.com/en/blog/8041/usb-devices-and-dirty-needles/#comment-231762 Fri, 15 Aug 2014 20:54:00 +0000 http://blog.emsisoft.com/?p=8041#comment-231762 In reply to Legend.

Ah, but you forgot the most important component of all. User education! :D

]]>
By: Legend https://www.emsisoft.com/en/blog/8041/usb-devices-and-dirty-needles/#comment-230619 Thu, 14 Aug 2014 22:31:00 +0000 http://blog.emsisoft.com/?p=8041#comment-230619 In reply to emsisoft_steve.

Thanks Steven . It was a good, and at the same time an interesting response. Just a thought, but a possible solution to counter these scenarios, could be a closer entrusted cooperation between Av industries and manufacturers of usb firmware chips, in usb devices. Mmmh, but I guess it would, or could lead to other kind of vulnerabilities if av industry and manufacturers is entangled too much in each other. No easy solutions =). I also wonder, in what degree does the Av industry actually research in new “alternative tools” to mitigate unknown threats. In my perspective it seems that things is more or less stuck, in the three key components, signatures – firewall- behavior blocker.

]]>
By: emsisoft_steve https://www.emsisoft.com/en/blog/8041/usb-devices-and-dirty-needles/#comment-230576 Thu, 14 Aug 2014 21:19:00 +0000 http://blog.emsisoft.com/?p=8041#comment-230576 In reply to Legend.

Good question. As far as we know, right now BadUSB is just a proof-of-concept. No malware has been spotted in the wild yet, so there’s no way to directly test it. It is likely that Behavior Blocker would block the malicious actions of such a malware, and prevent the infection of a computer by an infected USB device. The problem, though, is that the malicious code is
located on the firmware chip of the device, which is not a location Emsisoft or any
other AV for that matter, has access to.

That means that Emsisoft can prevent infection of the computer, but it can’t clean the infected USB device. Not yet at least…

]]>
By: Legend https://www.emsisoft.com/en/blog/8041/usb-devices-and-dirty-needles/#comment-217170 Tue, 05 Aug 2014 19:33:00 +0000 http://blog.emsisoft.com/?p=8041#comment-217170 Have Emsisoft tried to emulate that kind of behavior , to see if the behaviour blocker covers that type of alteration , of hard coded instructions, of usb devices? We can’t always rely on virus signatures, (even though Emsisoft has a good solid reputation in that regard), they only catch what is known. Does Emsisoft do a regularly evaluation, of the set of rules, the behaviour blocker operates after, according to the current threat landscape.

]]>