Now even cables are getting firmware updates.

theorist9

Site Champ
Posts
603
Reaction score
548
Credit to TheYayAreaLiving on MR for spotting this:

1677901689893.png
 

Colstan

Site Champ
Posts
822
Reaction score
1,124
While I understand the utility behind "smart" cables, including updatable firmware, this makes me uncomfortable concerning "evil maid" attacks. Now we have to watch out anytime we plug anything into our machines. Apple has done a good job at remediating this sort of attack vector, but this seems like a security nightmare for those living in PC land. I recently mentioned that MSI shipped 300 models of motherboards with Secure Boot disabled for over 18 months. If major companies can't handle simple security measures like that, then I don't see this working out well.

These days, any USB drive that isn't personally vetted is automatically suspect. What next, our toaster ovens will need firmware updates? Oh wait.
 

theorist9

Site Champ
Posts
603
Reaction score
548
While I understand the utility behind "smart" cables, including updatable firmware, this makes me uncomfortable concerning "evil maid" attacks. Now we have to watch out anytime we plug anything into our machines. Apple has done a good job at remediating this sort of attack vector, but this seems like a security nightmare for those living in PC land. I recently mentioned that MSI shipped 300 models of motherboards with Secure Boot disabled for over 18 months. If major companies can't handle simple security measures like that, then I don't see this working out well.

These days, any USB drive that isn't personally vetted is automatically suspect. What next, our toaster ovens will need firmware updates? Oh wait.
Thumb drives have long been suspect, right? Here's an article from 2011:


I'm more intrigued by the possibility of swapping out someone's cable with an identical-looking one that installs a malicious program the next time the user logs in. Would be great for industrial espionage.
 

Colstan

Site Champ
Posts
822
Reaction score
1,124
Thumb drives have long been suspect, right? Here's an article from 2011:
Oh certainly, thumb drives have been an issue for ages, which is why I brought it up as an example.
I'm more intrigued by the possibility of swapping out someone's cable with an identical-looking one that installs a malicious program the next time the user logs in. Would be great for industrial espionage.
That's probably already happened. If not for corporate espionage, then the spycraft of three letter government agencies from around the globe.

Or perhaps we are overthinking things. There's always the old-fashioned methodology.

security.png
 
Top Bottom
1 2