Whole Reversing and patching USB speech is encrypted in German-English. :(

Brilliant stuff. Great talk. And yes, Jakob sounds like Dr. Strangelove....

The protection mechanism that makes the most sense to me right now would be adding a kernel module for detecting implausibly fast keystroke input. Upon detection of suspicious keyboard input - parameters could be adjustable by security policy settings - it would trigger something similar to Windows User Account Control prompt. Of course, it would have to require typing or clicking something less predictable than Alt+y, like they use to bypass current UAC in their attack

I only have one question: What?

Great work. a website that reported about this said it best. "we are screwed."

"plug & pray" has never been so true

Would it be possible to use the badUSB vulnerability with a mouse or keyboard instead of a USB stick? Would it be possible to have a mouse/keyboard execute a program/code when it is plugged in?

I can't understand what the german dude is talking about..

The answer to this vulnerability should be input device validation & lockdown. On first bootup, the computer should 'mate' itself to a known good input device via a mechanism in the EFI (requires development of per-keyboard, -trackpad, -etc., per-firmware version, code-signing). The user could be prompted to set a master password needed to then add more input devices. Then whenever an input device (keyboard, mouse, anything else that could easily take control of the system) is added, there would be a prompt & it would need to enter the password to give further input to the machine. EFI or OS Kernel controls could allow more fine-grained automatic policies, like allowing classes of devices to be white- or black-listed, or disallowing for instance on a laptop, a single usb hub that hosts both a display & pointer peripheral, if attacks using emulated mouse movement & screen capturing techniques were spotted in the wild.

Wow. That is an eye-opener for sure.

And all those years later, we have evolved BadUSB to "Rick Rolling".

0.75x speed works, able to understand most things thank god

no offense intended but really needs subtitles for the second guy, impossible to understand half of what he says and i was really interested in this presentation, i couldnt even finish watching it..

karsten Nohl has a German accent but is quite understandable, Jakob Lell on the other hand was not. Intonation and rhythm is so strongly German that the result is not understandable. Otherwise a very informative and useful presentation.

Is the second guy human or robot?

Please turn on CC it can't even understand the second person either! Some of it is too funny!

Is there an open API for this? we want to implement this in our project

I speak fluently German and I'm pretty sure I'm not that bad in English. Yet it's really hard to understand the second guy as my knowledge about this stuff isn't that good.. No offense, but subtitles would be awesome EDIT: it was only difficult at the beginning, but later it got better

Oh man, every time the second guy comes in, it gets really hard to understand.

The best is a cd or dvd disc.... I Think!

Is it relevant to PCs which run on a non-admin privilege as well?

How about SD cards, Do they present similar vulnerabilities?

wow first we have sd memory card vulnerability now this, very interesting.

I've had 40 USB stolen in the raw bed so I'm just going to alert to Anderson county sheriff's

Muss er das Klische bestätigen ? Natürlich, Ja :D

LMFAO what the fuck is Felicia day doing at blackhat

I am sure the talk is awesome, but the second speaker lost me with his english..

Föhmwäh = Firmware

the second man was german i think :(. is he speaking english or what?

waw good job i'll try it

Its a pain to listen to him....@9:00

I am getting paranoid I let people charge phones on laptop all the time :'O

Jacob, I could understand more if you speak German.

im not a native english speaker and i can completely understand the german guy, stop it guys.

You've forever and irreversibly killed the guilty pleasure of buying cheap Chinese devices on eBay...

Nice, Just in case your HDD will be taken by force. Auto format :P

The german guy was so terribly hard to understand, this was soooo painful to watch.

I am german and....holy crap...his english is terrible. Someone should have told him during rehearsal that his english is not good enough to do a presentation. Content great...english *facepalm*

the second man has a sick english !!!! :/

This is painful to watch. I am sure the second guy knows what he talks about but the problem is that he doesn't speak English.

Not even subtitles would help this guy, it would just say , um usb um yeah um WiFi um endpoint um.um

يخربيتكم معقول

Yeah but these "BadUSB's" are not anything new at all. In my Gray Hat Hacking Ethical Handbook these HID's and others are covered and discussed in depth. Even if you turn off the auto-detection/auto-run it not really going to help, because there is a simple work around for that.

This is the second conference on this exploit. The first was in 2011. It's still an issue today. This is what made Russia go back to one time pads and paper for everything. This is easy to solve, but that would require the IEEE to not be a seething pool of opinionated assholes that think they are better at running society than the individuals having to deal with the repercussions of their BS.

21:36

Isnt this just the Rubber Ducky?

A

This is nothing new... They just made their own homemade Rubber Ducky. Why spend months reverse engineering firmware when you could just buy this?

420 root it 19:15

jakob ruined the whole shit

Windows-fanboys... What has this world only come to.

OMG.. the second guy is probably really smart way smarter then me, but please do not talk, just write down what you reverse engineered, and hand paperwork to someone else, anyone but you!