In the Derbycon Hacker Conference held in Louisville, Adam Caudill and Brandon Wilson- two research scholars presented some codes of such attacks on Github.
They with this regard said “I am confident that we (Brandon and I) could build a system that would infect PCs, then infect a significant percentage of thumb drives, and then infect other PCs - but, and this is a big but - what we released doesn't make that easier in any significant way,"
Caudill wrote. "Your average script kiddy will never be able to do it; there's only a small number of people that would be able to do the work needed to be able to pull it off - those people could already do it before we released what we did”.
Both, Caudill and Wilson retorted that, they made the process of making simple patches of firmware based worm or a replica of it, easier. Although, someone who intends to make it will not be able to come up with all the exact features but they will be able to make some minor changes to the already existing feature and or create new features in addition to the previous one.
The main purpose of Caudill and Wilson to release the code was to enhance the awareness of device makers and users. To quote their words, “As long as users implicitly trust devices, attacks will be possible and successful.” Further they specified in the note, “We haven't broken the security of these devices, but made it clear that it isn't existent.”
About Author : Rob is a technical guy and writes mainly on the tech blogs for various websites.
No comments:
Post a Comment