There are many different types of secure portable devices on the market, with different target certain security levels and users. Finding an acceptable level of security – choosing the appropriate device – will depend lock usb on your needs: a government organisation or high security business will be looking for sophisticated levels of protection, while the average user may simply want to be more secure transferring data via a USB device.
All guard mechanisms are susceptible to these issues, it’s how you manage them which reduces the problem, but generally the managment of them limits the likes of bandwidth or increases delay, both of which most users find unacceptable… It’s this user issue that the likes of skilled adversaries rely on to exploit guards and similar systems. I think you nailed it. Any device with DMA capabilities is a risk. The reprogrammable microprocessors usb lock on these flash devices are for economic reasons mix and match different flash chips cheaply as possible while managing the wear factor. Changing the protocol itself doesn’t seem to be an option at this point, although the protocol handler can be modified for increased security. Unrealistic advice. Don’t use USB. printers, scanners, keyboards, mouse, wifi, external drives. Digital picture frames and phone chargers? Get real.
Announced on Tuesday, the optional Security Key technology requires that a Chrome user take two additional steps to sign in to their Google account: plug a small key into the USB port on their computer and tap a button. The process is a simpler and more secure secure usb version of the 2-Step Verification process that Google offers to security-conscious users. With 2-Step Verification, users receive a code from Google on their phone or in e-mail that they must enter into Google’s site to complete the login process.