Fuzzing is a method of testing with automated software which provides invalid, unexpected, and random data as inputs to a computer program. The testing program then monitors for crashes, assertions and potential memory leaks.
A research team based from Purdue University came up with USBFuzz, which pushes enormous amounts of random data through the USB bus of a system. Hui Peng and Mathias payer (from the Swiss Federal Institute of Tech) came up with the idea and program.
Please don’t lose any sleep over the bugs found.
Peng and Mathias found one bug in FreeBSD, three in MacOS (two resulting in an unplanned reboot and one freezing the system), four in Windows 8 and Windows 10 (resulting in Blue Screens of Death) and the vast majority of bugs, in Linux — 18 in total.
Of all these bugs, Windows users do not need to worry, they have been fixed. Of the 18 found in Linux, 16 of them have been corrected already. Those correct where major security flaws.
What we like about the USBFuzz is the underlying theme to improve the security of the USB platform and continued improvement. We also like USBFuzz becoming an open source bit of code that everyone may use to strengthen thier USB product. The team will release a version on GitHub later this year, 2020.
If you are an avid user of USB security dongles, you might know how challenging it may be to get remote access to these devices. To simplify this task, Electronic Team, Inc. has developed a dedicated software solution capable of sharing USB protection dongles over the network.
Donglify is a lightweight desktop application that allows connecting USB hardware keys to remote computers over the Internet and LAN. The software uses the 2048-bit SSL encryption to secure your connections, so you don’t need to worry that your sensitive data will be intercepted or lost.
One of the nicest things about Donglify is that it can redirect one USB dongle to several remote PCs simultaneously. In order to make a USB hardware key available for use on multiple computers, you can just connect the device to your local PC and share it over the network with nothing more than a couple of clicks. This option, currently, works with HASP HL Pro, Sentinel HL Pro, SafeNet eToken 5110, and CodeMeter CmStick security keys.
USB hardware keys of other types can also be shared over the Internet but you’ll be able to access them from one remote machine at a time.
Donglify is available by subscription and comes with a 30-day free trial. When the trial period is over, you can continue using the service for $19.99 a month.
From this article, the Raspberry Pi 4’s USB-C power port was designed outside of official USB-IF specifications, making it incompatible with many USB-C chargers and/or power supplies. You can read more about from the link above and the information gathered to come to such a conclusion was done by a well known Google engineer, Benson Leung.
The raspberry Pi is a collection of small computer boards put together in a simplistic way to create the foundation of a computer system. The Raspberry Pi (also known as RPi) was released back in Feb of 2012 in the United Kingdom. The original intent of the RPi was to develop a low cost and simplistic computer which students could learn and develop.
The original model became far more popular than anticipated, and started selling outside its target market for uses such as robotics. It does not include peripherals (such as keyboards and mice) or even come inside a case. Literally a bare-bones product.
To give you an idea of the popularity, the RPi products have sold over 19 million units between its release in 2012 to the end of fiscal year 2018. This makes the RPi one of the best-selling computers in the world, although a computer with limited resources. Until now.
This week the Raspberry Pi Foundation has released the Pi 4. This is one hell of a great product. Check out these specifications:
A 1.5GHz quad-core 64-bit ARM Cortex-A72 CPU (~3× performance)
1GB, 2GB, or 4GB of LPDDR4 SDRAM
Full-throughput Gigabit Ethernet
Dual-band 802.11ac wireless networking
Bluetooth 5.0
Two USB 3.0 and two USB 2.0 ports
Dual monitor support, at resolutions up to 4K
VideoCore VI graphics, supporting OpenGL ES 3.x
4Kp60 hardware decode of HEVC video
Complete compatibility with earlier Raspberry Pi products
In addition to the hardware improvements, the Raspberry Pi Foundation says
Anyone in tech has seen the reports and news about USB sticks with a virus ruining a company network or infecting computers. Google built a small and effective feature: Chromebook Gets a USB Guard.
The USBGuard is a feature that blocks interaction between the mass storage device and the Chrome operating system. The OS will give power to the device, but not let data transmit.
The USBGuard blocks this activity when the Chromebook is in locked mode. When the Chromebook is not in lock mode, the USB will interact as expected as a read/write device.
Account security is one of the most vital pieces of the busy and interconnected world right now and nobody wants strangers accessing their personal information online. You might use a password manager as well as two-factor authentication like we mentioned in a previous post, but now there’s another way to stay protected.
In response to similar approaches from Google and Dropbox, Facebook has added support for safe login security keys. When you log into your account, this device will prove your identity rather than a code which sends to your phone. In addition to the superior security, they’re also potentially faster. With just a tap on the device you can have access to your Facebook account and feel safer in knowing only you can unlock it. It’s a welcome move from the company in an age where cyberattacks and identity theft are on the rise and as a universal rule on the internet, it’s never a bad time to strengthen your defences.
If the “smart TV” craze hasn’t made it to your home entertainment yet, making one on your own is getting easier every year. All you need is a spare HDMI slot and the Intel Compute Stick.
There are two ways on “How to make a USB read only.” One method will make the USB read-only in anything it is connected to, so you could say this is a universal way of making a flash drive write protected.
The other way is a PC-specific solution where some registry edits are required to any computer the USB flash drive is connected to.
When we say 100% permanent, this means the USB stick is read only (write protected) on all devices, whether it be computers like a Mac, Windows PC, Linux box, or non-processor based products like a car stereo. This permanent solution also means the status of the drive cannot be changed. The other method flags a USB device to be read only in relationship to the PC it is connected to so that whenever that USB stick is connected to that computer, it makes the USB read only and blocks all write commands to the device.
Most times an IT manager or content owner wants the USB stick to be read only so the files cannot be deleted or formatted off the drive. Another reason for making a USB read only is for the original files to remain the same and block the ability for files to be changed or manipulated. Finally, it’s smart to have USBs read only so that viruses don’t jump onto the drive and possibly spread to other computers.
Let us start with the less permanent way because it’s easier to do and doesn’t require any specific hardware.
You will need a Windows7 machine or higher. The Windows7 machine will have DiskPart utility which allows us to perform all sorts of cool things to flash drives, like setting write protection.
Connect the USB to your Windows computer.
To begin, go to your Windows Start and in the Search Field type cmd
This will run your Command Prompt.
Next, you will want to get to the C root of the Command Prompt and if you are signed in as a user you can simply type cd\ – this will get you back to the root of the C drive.
Type DISKPART
Type LIST DISK
Now you will need to find the USB stick connected to your PC. Most likely it’s DISK 1
One of the most classic and – yet still perversely prevalent – issues IT staff face is resetting Windows passwords for users who have forgotten them (again). While remote administration has reduced the need to physically reactivate and reset passwords in most scenarios, a copy of L0phtcrack still remains in every experienced admins ‘toolbox’. Of course, having to reboot the system and use a copy of Bart PE or other portable OS’ to run L0phtcrack has a PITA factor all its own.
Well, it seems that entrepreneur Jonty Lovell has done something about it as the all new – and fully funded – Password Reset Key has been designed to take the hassle out of this common issue. In fact, as long as you have physical access to the system even home owners can now reset their forgotten password within mere moments.
The secret to the Password Reset Key is the fact that it combines a key shaped 1GB flash drive – available in black, stainless steel, or ‘gold’ – with a simple OS that auto-loads his custom software upon startup. Just as with L0phtcrack, with a simple click or three, you can scan, reset and even test how secure a given systems login passwords are. Because of its ‘key’ form factor, it will be hard to lose as you can simply stick on your keychain and always have it close at hand. However, be warned that this $15 – $50 device (depending on which option to choose) may get you in trouble with your IT staff as resetting the ‘administrator’ password will greatly ‘annoy’ them if they find out.
Continue Reading
Planon is known for having pen-sized scanners for mobile scanning of business cards, documents, lecture notes and more. What Planon continues to do is develop the scanning technology year after year.
The company has just released it’s latest pen scanner, the ScanStik SK600V. The V is for Voice Notes. It’s now possible to scan from a device the size of a writing pen and include voice memos for the scanned document. Nice.
They have also added bluetooth connectivity, but apparently the “b” didn’t make it into the updated part number.
You can scan at 600dpi (dots per inch) and save the file to a microSD card. Once you are ready for download, you can connect to a host computer via USB and off-load all those trade show business cards (or competitors spec sheets of that product not yet released).
Continue Reading
The above InfoGraph was provided by Nexcopy Company and highlights the current options and services available for Protecting IP on USB, often referred to as USB Copy Protection. The concept behind this USB copy protection solution is the ability to share digital files on a flash drive with others while restricting their ability to duplicate or distribute that information without authorization.
With the above solution, a user can protect multiple file types, including popular multimedia formats such as PDF, MP3, QuickTime, MP4, M4V, HTML, Flash, and other supported files. This post is not intended as advertising but rather as an informational overview of products and services for protecting IP on USB flash drives currently available in the market today.
CopySecure USB Drive – Key Features Explained
1. Compatible with Mac and Windows
The protected content on a CopySecure drive can be viewed on both Mac and Windows computers using included MacViewer and PCViewer apps—ensuring full cross-platform support.
2. No Administrator Rights Required for Playback
Recipients do not need admin privileges to run the viewer application. The encrypted files can be accessed directly from the drive without installing software.
3. No Installation Required on the Host Computer
Viewers launch and run directly from the flash drive itself—there’s no software setup required on the user’s system.
4. Content Runs 100% from the Flash Drive
All playback—including decryption—happens locally. There’s no internet connectivity, cloud authentication, or external servers involved.
5. Immune to Deletion or Modification
CopySecure drives are hardware write-protected—data cannot be deleted, overwritten, formatted, or modified at the controller level on the device.
The license is embedded to the physical drive—no recurring subscription needed.
Additional Advanced Capabilities
Dual-Partition Drive Format
You can partition the drive into:
A read-only protected partition containing encrypted DRM content.
An optional standard (read?write) partition for supplemental files or updates—not protected. Ideal for combining marketing collateral or user manuals alongside protected IP content.
Supported File Types
CopySecure drives support a wide range of content formats:
Documents: PDF, TXT, XML, CSS
Web pages: HTM / HTML / HTML5
Images and animations: JPG, GIF, PNG, SWF
Audio: MP3, WAV
Video: MP4 (H.264 up to 1080p), WMV, MOV, M4V
Time?Expiration / DRM Features
You can optionally configure content to expire at a set date or time, useful for timed access to training materials, courses, or contracts.
How It Works – Process Overview
For the Content Owner:
Order licensed CopySecure USB media from Nexcopy with DRM license embedded.
On a Windows PC, install the CopySecure Wizard software. Use it to encrypt and load content onto the drive; the tool also installs PCViewer and MacViewer on the drive.
Lock the drive—making the protected partition permanently read-only at the hardware level.
For the End-User:
Insert the flash drive and open the appropriate viewer (MacViewer or PCViewer).
Run protected files directly from the drive — no installation or extra setup.
The viewer prevents actions like save-as, print, screen capture, or copying text. Files appear normal but cannot be extracted or replicated outside the viewer environment.
Caveats & Practical Considerations
Screen capture protection is imperfect: On Windows, capturing screens can occasionally succeed before the viewer detects and deletes the screenshot; on Mac, users may deny viewer permissions, making capture possible.
Viewer updates may be required: If future operating system changes break viewer compatibility, you can update the viewer on the drive using the “Update Copy Secure” option within the Nexcopy software—but content remains locked and cannot be changed or added afterward.
When a USB stick is connected to a PC the Windows operating system enumerates the device. In simple terms, this means Windows will check to see what type of device was just connected, a HID device, Mass Storage Devicet etc, it will also check the speed of the device.
During the enumeration process some registry entries are made into the Windows registry…this is where a hacker could get into your system and take control. This is the update Microsoft issues earlier this week to fix the security flaw.
Since the vulnerability is triggered during USB enumeration, no user intervention is required. In fact, the vulnerability can be triggered when the workstation is locked or when no user is logged in, making this an unauthenticated elevation of privilege for an attacker with casual physical access to the machine. Other software that enables low-level pass-through of USB device enumeration may open additional avenues of exploitation that do not require direct physical access to the system.
So be sure to update your PC with the update notification comes through – it’s in your best interest.
Full Microsoft article
Continue Reading
Here is a great tool for cleaning Windows Registry of USB drive entries. The program runs in the Windows console and removes all devices that are not currently connected.
To clean up the Windows registry of a USB flash drive, or other USB devices can make your system boot faster and run faster.
For example, each time you connect a USB printer to a different USB port on your PC there are registry entries made which associate the device with the drivers. Windows is trying to be smart and log this information so the next time you connect the device, Windows will know exactly what to do. Meaning when you connect the printer a second time, you don’t see the balloon from Windows saying “Installing Brother driver” or something, it’s just connected and ready to go.
But, for example, lets say you connect your Nikon camera to your PC and you use a different USB port each time, now you have a bunch of registry entries that can make your PC boot slower, run slower or possible give you trouble with that external device.
With all this said, if you are having trouble with a USB drive, or a USB camera, printer or scanner, the first thing you’ll probably want to do is run this Windows registry cleaner utility. Good chance it will solve your problems.
System Requirements:
WinXP / Vista / Win7 Writes settings to:
Does not write files to host computer Dependencies:
Administrator rights License:
Freeware How to extract:
Download the ZIP package and extract to a folder of your choice. Launch drivecleanup.exe either in the ‘Win32’ folder or ‘x64’ folder.
Well, it seems that entrepreneur Jonty Lovell has done something about it as the all new – and fully funded – Password Reset Key has been designed to take the hassle out of this common issue. In fact, as long as you have physical access to the system even home owners can now reset their forgotten password within mere moments.
The secret to the Password Reset Key is the fact that it combines a key shaped 1GB flash drive – available in black, stainless steel, or ‘gold’ – with a simple OS that auto-loads his custom software upon startup. Just as with L0phtcrack, with a simple click or three, you can scan, reset and even test how secure a given systems login passwords are. Because of its ‘key’ form factor, it will be hard to lose as you can simply stick on your keychain and always have it close at hand. However, be warned that this $15 – $50 device (depending on which option to choose) may get you in trouble with your IT staff as resetting the ‘administrator’ password will greatly ‘annoy’ them if they find out.
The company has just released it’s latest pen scanner, the ScanStik SK600V. The V is for Voice Notes. It’s now possible to scan from a device the size of a writing pen and include voice memos for the scanned document. Nice.
They have also added bluetooth connectivity, but apparently the “b” didn’t make it into the updated part number.
You can scan at 600dpi (dots per inch) and save the file to a microSD card. Once you are ready for download, you can connect to a host computer via USB and off-load all those trade show business cards (or competitors spec sheets of that product not yet released).
When a 