
Press Warned about USB Fan Given Out at Trump-Kim Summit - rmason
https://mashable.com/2018/06/12/usb-fan-trump-summit/
======
ttul
This is a real risk. A colleague of mine who specializes in hardware security
research recently received a modified mainboard in an otherwise normal Amazon
order. The supplier literally modified (with or without their knowledge) the
part sent to him by adding an extra unidentified microcontroller that has been
soldered into the IO bus. Removing the part caused no loss of performance. It
was there for some kind of surveillance OF THE RESEARCHER.

In another case, his air gapped laptop was found to be emitting subaudible
tones by modulating the system fan.

~~~
kefs
A real risk indeed.

> Take, for example, when they intercept shipping deliveries. If a target
> person, agency or company orders a new computer or related accessories, for
> example, TAO can divert the shipping delivery to its own secret workshops.
> The NSA calls this method interdiction. At these so-called "load stations,"
> agents carefully open the package in order to load malware onto the
> electronics, or even install hardware components that can provide backdoor
> access for the intelligence agencies. All subsequent steps can then be
> conducted from the comfort of a remote computer.

[https://www.spiegel.de/international/world/the-nsa-uses-powe...](https://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-3.html)

------
nodesocket
Seems like it should be straightforward to test it before jumping to
conclusions and making accusations, right?

Get a clean "air-gap" computer, and see what's really on it.

~~~
AdamJacobMuller
Testing doesn't actually tell you anything. Were I designing this fan, I would
only activate the attack payload if the fan was connected X number of times,
or after some specific date in the future to defeat this kind of analysis.

I think you need to just tear one down and see what's connected. It should be
trivial to identify if only the power connectors are hooked up, or if the data
connectors are also hooked up.

~~~
nodesocket
Unless I am missing something, even if the code has latent features, you
should still be able to discover the "fan" in fact has files and those files
have code, which would be a red flag, right?

My point is that instead of doing any investigative journalist work, the
"journalist" just decided to take to Twitter and proclaim the fan as hostile.
The lack of facts and reason over emotion is my frustration. A recurring theme
lately.

~~~
mortdeus
If I was trying to attack somebody through this route, I wouldn't just release
all of them containing malware. Rather, I would target 2 or 3 journalists who
I wanted to monitor and hope that they wouldn't be wise enough to consider the
security implications. Most fans would check out as being okay, which would
lessen the suspicion.

The only way you could definitively tell that these fans are compromised is to
consequently check every fan out of the bunch.

------
koverda
I'm curious to see if they end up finding anything.

~~~
nielsbot
Someone can just open one up? Then again, if it is spy gear you won’t be able
to tell, if they’ve done a good job.

------
mortdeus
What's scary is that many of these USB fans could be just normal fans, but
there might be one or two that contain malware that either government could
use to their political advantage.

------
Something1234
Who in their right mind would use a _micro_ usb fan?

My phone already has a bad enough battery life, why would I make it even
worse?

------
systoll
If it's _mini usb_, no one's going to have anything to plug it into.

