Fuzzing is a method of testing with automated software which provides invalid, unexpected, and random data as inputs to a computer program. The testing program then monitors for crashes, assertions and potential memory leaks.
A research team based from Purdue University came up with USBFuzz, which pushes enormous amounts of random data through the USB bus of a system. Hui Peng and Mathias payer (from the Swiss Federal Institute of Tech) came up with the idea and program.
Please don’t lose any sleep over the bugs found.
Peng and Mathias found one bug in FreeBSD, three in MacOS (two resulting in an unplanned reboot and one freezing the system), four in Windows 8 and Windows 10 (resulting in Blue Screens of Death) and the vast majority of bugs, in Linux — 18 in total.
Of all these bugs, Windows users do not need to worry, they have been fixed. Of the 18 found in Linux, 16 of them have been corrected already. Those correct where major security flaws.
What we like about the USBFuzz is the underlying theme to improve the security of the USB platform and continued improvement. We also like USBFuzz becoming an open source bit of code that everyone may use to strengthen thier USB product. The team will release a version on GitHub later this year, 2020.
If you are an avid user of USB security dongles, you might know how challenging it may be to get remote access to these devices. To simplify this task, Electronic Team, Inc. has developed a dedicated software solution capable of sharing USB protection dongles over the network.
Donglify is a lightweight desktop application that allows connecting USB hardware keys to remote computers over the Internet and LAN. The software uses the 2048-bit SSL encryption to secure your connections, so you don’t need to worry that your sensitive data will be intercepted or lost.
One of the nicest things about Donglify is that it can redirect one USB dongle to several remote PCs simultaneously. In order to make a USB hardware key available for use on multiple computers, you can just connect the device to your local PC and share it over the network with nothing more than a couple of clicks. This option, currently, works with HASP HL Pro, Sentinel HL Pro, SafeNet eToken 5110, and CodeMeter CmStick security keys.
USB hardware keys of other types can also be shared over the Internet but you’ll be able to access them from one remote machine at a time.
Donglify is available by subscription and comes with a 30-day free trial. When the trial period is over, you can continue using the service for $19.99 a month.
Last year, Google released the Titan security key. It can be used as ultra secure methods for two-factor authentication for some online services over USB-A, NFC, or Bluetooth. Today, Google announced an updated USB-C key to the lineup, which will be available tomorrow from the Google Store for $40.
The new USB-C key appears to have similar functionality to their previous model, all of which are built to the FIDO standard. The USB-C model lacks the NFC capabilities that its other two keys have, but this shouldn’t matter as the USB-C design is meant for you to plug it directly into your portable device, such as phone or ultra-thin laptop. That said, NFC is a bit moot.
Google’s new USB-C key is compatible with Android, Chrome OS, macOS, and Windows devices (Only the Bluetooth key works with iOS, and it requires the installation of Google’s Smart Lock app.) Like its previous keys, Google says the USB-C key’s firmware is permanently sealed into a secure element hardware chip, making the key more resistant to physical attacks.
Google partnered with security key-maker Yubico to manufacture its new USB-C key. Google’s key looks a lot like Yubico’s YubiKey 5C. Both keys are pretty similar, but Yubico’s keys support a few more protocols than Google’s Titan keys do, such as WebAuthn, so they might be the better option for some, depending on what you need.
Google’s other two Titan security keys were previously only available as a $50 bundle, but Google says you’ll be able to buy them individually starting tomorrow. The USB-A / NFC key will cost $25, while the Bluetooth key,
With USB gadgets like this, it’s hare to imagine companies like ADT stay in business for residential customers. This working USB charger includes a miniature camera which acts like a surveillance camera. You can plug any USB gadget into it for charging, all the while record or stream video for what is going on within it’s view.
Use your Android or iPhone you may stream directly to your connected app or stream to a group of people you’ve authorized within the app. The spy camera records 1080p HD footage and will also record that video to the 32GB microSD card (included). Bonus: You can set the surveillance camera to record only when it detects motion.
The camera view is anything directly in front of the plug, so no ability to turn the camera itself, but that is a simple enough problem to solve, just use an outlet that is in-line with the viewing area you want to record.
Here are some noteworthy bullet points about what you will get for the low price of $29USD:
Motion Detection – Can be set to initiate recording only when motion is detected and then send a notification directly to your phone.
Loop Recording – Can be set to automatically record over old footage, allowing for uninterrupted video recording.
Night Mode – Can be set for recording in dim and low light environments.
Multi-Use – Allows for multiple users to connect to the same device (Supports up to 8 users)
Multi-View – Allows for multiple cameras to be connected to the same APP / Software. (Supports up to 8 cameras)
“I want to tell the world that I am a victim of political kidnap and ransom,” Whelan said during a press conference in May. “This is retaliation for sanctions.”
“…There are abuses and harassment that I am constantly subject to. There is a case for isolation,” he continued, before listing alleged abuses committed by prison staff.
The former Marine said that he was being subjected to “typical POW Chapter 1 isolation” techniques to run him down and described his imprisonment as the “Salem witch trial mentality.”
According to Reuters, Paul made a direct plea to the President of the United States saying; “Mr president [Trump], we cannot keep America great unless we aggressively protect and defend American citizens wherever they are in the world.” And this is very true.
It’s not every day we see “flash drive” in the headlines in association with espionage. However, it appears American citizen, Paul Whelan, was arrested in Russia for the charge of espionage.
Gathering information from the news surrounding this situation, Mr. Whelan is an ex-Marine who visits Russia. He is a world traveler, a security expert for a US based auto parts supplier [BorgWarner], speaks Russian and uses a Russian social media platform called VKontakte, or VK.
From reports, the arrest happened like this: Whelan met up with a Russian associate who gave him a flash drive. Earlier in the visit, Whelan claims he received digital images from his vacation through his computer, but could not view them on his computer. Because of this, he asked the photos be placed on a flash drive.
Moments after the two met and exchanged the flash drive, the Russian policy arrested Paul and found state secrets on the USB drive.
Whelan claims he knew nothing of the information on the flash drive and was only expecting to see pictures of his vacation. I certainly hope
Yubico YubiKey 4 appears to be an excellent device for a two-factor authentication solution. Two factor authentication means you need two things before gaining access. In this case, one piece of information is your password and the other piece is your finger print.
If you are using a password manager right now, (ie. Last Pass, Dashlane, etc) I would recommend getting this. The benefit of this device with a password manager is you can enable two factor authentication to add a new device capable of signing into your account.
This means if someone knows your password, it doesn’t really matter because they would also need your finger print. Understand that nearly all password managers conform to some sort of security protocol like FIDO U2F, smart card (PIV), OpenPGP, etc which in turn works with Yubikey.
Using Windows 10, you can partition a USB flash drive into multiple partitions. The process is not difficult, you simply follow some easy steps. This tutorial will partition the drive so that your device is assigned multiple drive letters when connected to the computer.
This partition process is not done at the USB controller level; or said another way, done at the hardware level. This USB partition process, for a lack of better terms, is done at the software level. What does this mean for you? It means the partitions can be wiped off the drive and full capacity of the USB flash drive can be restored.
When a USB stick is partitioned at the controller level, or at the hardware level, there is no way to reverse the partition. The multi-partition drive is permanent. At the end of this tutorial is the solution for a hardware based partition solution.
So letâ€™s get started.
How to partition a USB flash drive in Windows 10:
Connect the USB flash drive to your Windows 10 machine. Be sure there is nothing valuable on the USB as this process will remove all content from the drive.
Right Click the Windows icon and select Disk Management.
The Disk Management window will appear with all the connected devices. Select your USB flash drive by clicking one time. By selecting your flash drive, it will allow Windows to apply the partition to that device.
With all the gadgets and devices we post about, there’s plenty of merit in veering a little closer to some USB hardware fundamentals and how it communicates with your computer. To highlight this importance, a UDISK Drive and its internal functionality will serve as a comparison.
Simply put, a UDISK is a hard drive in USB form. With magnetic hard drive platters spinning inside an enclosure, UDISKs have a bridge chip regulating the way the drive mounts to an operating system. This chip changes the hard from from IDE protocols, to USB. Standard USB drives don’t use rotating disks to store data, but use flash memory instead, which enjoys faster speeds as well as increased reliability against shock, pressure, and temperature. Why then do these UDISK drives exist? Because those spinning disks are cheaper to manufacture but they can be sold at the same price as standard flash memory USB drives and the difference may not be clear to users.
Account security is one of the most vital pieces of the busy and interconnected world right now and nobody wants strangers accessing their personal information online. You might use a password manager as well as two-factor authentication like we mentioned in a previous post, but now there’s another way to stay protected.
In response to similar approaches from Google and Dropbox, Facebook has added support for safe login security keys. When you log into your account, this device will prove your identity rather than a code which sends to your phone. In addition to the superior security, they’re also potentially faster. With just a tap on the device you can have access to your Facebook account and feel safer in knowing only you can unlock it. It’s a welcome move from the company in an age where cyberattacks and identity theft are on the rise and as a universal rule on the internet, it’s never a bad time to strengthen your defences.
Police dogs have yet another smell they must detect. Tactical Detection K9 company now trains dogs to sniff out SD cards and USB sticks. The training is in response to better assisting law enforcement in child pornography investigations.
The percentage of a dog’s brain which is devoted to analyzing smells is 40 times greater than humans. For example, humans can detect about 5 million scents and a German Shepherd can detect around 225 million smells.
In a recent investigation a dog was used in the FBI raid of the home of the former Subway spokesman Jared Fogle in Hancock County, Indiana.
What could take investigators hours to find an SD card or USB stick in a house would take a trained dog considerably less time, probably no more than 30 minutes.
According to Tactical Detection K9 it took scientists over four years to isolate the odor associated with memory devices. Now that a specific odor has been identified it takes 8-9 months for a dog to be trained in picking up that scent.
A dog which can sniff out SD and USB sticks can cost upwards of $9,000.