

Ask HN: Would HN be interested in an adapter, that can prevent BadUSB-attacks? - jpidea

Let me first give some context:<p>I am part of a group of &#x27;highschool&#x27; students (actually the equivalent of this in Germany) and we are currently searching for ideas for a startup-project, in where we are founding our own little company and try to bring it to some success. Our seed capital is 1000€ gathered through selling shares.<p>Due to the recent concerns about the abuse of USB devices as attack vector, we were thinking about creating an adapter, which let&#x27;s you configure, which kind of devices are allowed to connect to it. We only have limited time, so I just skimmed the complexity of the project and we came to the conclusion, that we could do it, though we maybe are maybe only looking at the interfaces and, based on time, money and complexity, not lookup the exact HID-device through usage tables. It will have a small program&#x2F;driver for atleast Windows and Linux to control as what the device is allowed to connect (multiple inputs possible) and an &#x27;admin mode&#x27;, so users will only allowed to use certain devices. Maybe we would also add a small button, so you can select it manually on the device.<p>This device might never happen, because only a few ideas will at the end be selected (we also need people who understand stuff like his), but any opinions or tips (like manufactures, suiting microchips, if we would be able to do it etc) are always appreciated.<p>Of course, it&#x27;s a rather big project for on year, and we might be too incompetent, but hope dies last :)
======
jloughry
This could have applications outside the narrow use case you've outlined. I
encourage you to think about security in both directions: (1) protecting
storage devices from computers, and (2) protecting computers from storage
devices. This sounds to me like a product that I'd like to have _built in_ to
computers in sensitive locations, where I'm worried about users bringing in
uncontrolled USB devices from home. Contrariwise, when I'm travelling, I don't
trust any computer I don't own, so I'm loath to insert my personally owned USB
device into it: in that case, I need your exact product.

~~~
jpidea
Good Idea. For 1) I could use a small switch and for 2) then this driver?

------
gburt
Is that what this is?
[http://int3.cc/products/usbcondoms](http://int3.cc/products/usbcondoms)

~~~
sharth
The USB Condom basically cuts the data ports to the endpoint device. So the
host (or device) can't communicate at all.

They seem to be talking about making a device / application that causes a USB
port to only talk to keyboards for example (or perhaps they'll get further in
and that will become only HID devices).

------
stevekemp
You could look a look at some related discussion which happened recently:

[https://news.ycombinator.com/item?id=8216068](https://news.ycombinator.com/item?id=8216068)

~~~
rahimnathwani
Please re-read the comment text (which is clearer than the title).

That discussion was about protecting the USB device, by preventing data flow.
This thread is about something different: protecting the USB host, by
restricting which types of devices can be used (including ones which use the
data pins).

------
The_ZaZ_Man
i like this. this would be great for a small company with little to no
background check ups on employees.

