The original post: /r/cybersecurity by /u/Deep_Sir9886 on 2024-11-12 17:16:44.
Could it be possible for a malicious USB mass storage device to modify itself? I.e., for the device’s firmware to modify files stored on its media? I see no reason why not – right? If so:
- What applications of such a method would best justify using it (and thus risking its detection), especially if deployed via supply-chain attack?
- What methods would best counter this threat? Encryption & signature before storage?
- Are the methods from #2 in fact universally deployed in the situations identified in #1?
(Apologies if this is duplicate. My former attempt contained an error which I *think* caused AutoModerator to delete it.)
You must log in or register to comment.