X
Tech

This USB firewall protects against malicious device attacks

This pocket-sized firewall is a nifty tool for the privacy-minded and super paranoid that aims to protect against USB-based attacks.
Written by Zack Whittaker, Contributor
usg-hero.jpg

USG hardware firewall for USB devices. (Image: Robert Fisk)

Meet the USG.

The USG is a small, portable hardware USB firewall that isolates a potentially harmful device from your computer. It's designed to prevent malicious USB sticks and devices laden with malware from infecting your computer.

You might be thinking, "What's the point?" The problem is that most computers automatically trust every USB device that's plugged in, which means malicious code can run without warning.

It's not just computers: Cars, cash registers, and some ATMs also come with USB ports, all of which can be vulnerable to cyberattacks from a single USB stick.

Enter the USG, a nifty tool for the privacy-minded and super paranoid that aims to solve that problem.

Every USB device has its own micro-computer that runs its own firmware. It only takes one malicious USB stick to send a malicious message to your computer to cause damage.

Top Google Chrome extensions for security, productivity, and privacy (March 2017)

That's where the USG firewall comes in. You plug in one end to your computer, and you plug in a suspect USB device into the other. A simple hardware serial link that only accepts a very few select number of safe commands, which prevents the device from executing system commands or intercepting network traffic. That means the data can flow from the USB device but effectively blocks other USB exploits.

These kinds of attacks might be rare, compared to spam, ransomware, and other kinds of malware, but they can still do considerable damage.

Take Stuxnet, for example, the virus that damaged Iran's nuclear capabilities after a virus on a USB stick was smuggled in on a flash drive in 2010. The virus is thought to have been developed by the American and Israeli intelligence communities.

Other previous research shows how easy it is to turn a normal USB stick into a BadUSB device, a benign-looking flash or thumb drive that's covertly running malicious firmware. And it's not just flash drives -- any kind of USB device, from webcams to keyboards and mice, can lead to a malware infection.

While the USG will protect against low-level USB attacks, it won't protect against malware stored on the flash drive itself.

Fisk explained on his Github page, where the code is available, that the project is "particularly useful for individuals and organizations that face advanced threats including corporate espionage or state sponsored attacks."

Should you trust the USG? There's no reason not to.

Robert Fisk, creator of the USG, the only developer of the USG firewall, says his "reputation hinges on the integrity of this project." He open-sourced the firmware so anyone can inspect the code, as well as compile it themselves on the device itself, and he has published the specifications of the USG hardware, so anyone can build one.

Anyone can order one for $60.

Editorial standards