Petronella Blog Archive

Visit our New Blog

Security Problem with New USB-C

Blog Post

USB-C, the new USB standard, has arrived thanks to the new Mac and Chrome laptops. It will be used to connect all kinds of plug and play devices to computers and charge all kinds of things.  As great as that sounds though, there is a huge danger with USB-C.

There has always been a danger in USB devices.  Hackers, and even agencies like the NSA, are able to put malware into the firmware of the connector.  This makes it virtually undetectable, and if its undetectable it's not fixable either.  Unfortunately, this vulnerability has never been fixed in previous iterations of USB and it hasn't been fixed in the USB of the future.

What's great about the new USB is that it's expected to be pretty much universally used, and not just for connecting storage to a laptop, but for power cords too.  What makes that bad, though, is that all you have to do to get infected with USB malware is to plug it into your computer, so if you're in a coffee shop and ask to borrow someone's power cord, you run the risk of infecting your computer, whether the person infecting you is doing it on purpose or not.