Pinned 260 days ago

<> Embed

@  Email


Uploaded by user
USB-C could soon offer protection against nefarious devices
<> Embed @  Email Report

USB-C could soon offer protection against nefarious devices

Rachel England, @rachel_england

January 02, 2019
USB-C could soon offer protection against nefarious devices |

USB chargers and devices are universally accessible and easy to use, but they come with a host of potential security risks, namely the spread of malware from infected devices, and data leakage should a device fall into the wrong hands. Now, the USB Implementers Forum (USB-IF) — the big dog in the advancement of USB tech — has launched its USB Type-C Authentication Program, which will help mitigate these issues.

The program defines the optimal cryptographic-based authentication for USB-C devices and chargers. Any host system using this protocol will be able to confirm the authenticity of a device or charger, including descriptors and capabilities, right at the moment a connection is made. So say, for example, you’re concerned about charging your phone at a public terminal. Your phone could implement a policy only allowing a charge from certified chargers. A company, meanwhile, could set a policy for its PCs, giving them access only to verified USB storage devices.

At this stage, the program is simply a recommendation — there’s no mandatory implementation required, but its creation certainly points to future security requirements for USB-C, which USB-IF president Jeff Ravencraft believes is “the single cable of the future.” Indeed, as more product manufacturers adopt USB-C, nefarious individuals will be looking for ways to exploit their vulnerabilities, so the guidance marks an important contribution in enabling a secure system of compliant, interoperable products.

Engadget RSS Feed