Massive, undetectable security flaw found in USB: It’s time to get your PS/2 keyboard out of the cupboard | ExtremeTech

Massive, undetectable security flaw found in USB: It’s time to get your PS/2 keyboard out of the cupboard | ExtremeTech

This flaw, dubbed BadUSB by Security Research Labs in Berlin, leverages the fact that every USB device has a controller chip. Whether it’s your PC, smartphone, external hard drive, or an audio breakout box, there’s a USB controller chip in every device that controls the USB connection to other devices. It turns out, according to SR Labs, that these controllers have firmware that can be reprogrammed to do a whole host of malicious things — and, perhaps most importantly, this reprogramming is almost impossible to detect.