structuresxx/ShutterstockIt’s no news that technology isn’t always the best platform to transfer and store confidential information, but now there’s even more of a reason not to. According to a new study conducted by researchers at the University of Adelaide, external Universal Serial Bus (USB) devices are much less confidential than we previously thought.
After testing over 50 external USB hubs and various computers, the research team at the University of Adelaide found that over 90 percent of them leaked information. Conducted by using “a modified cheap novelty plug-in lamp with a USB connector to ‘read’ every key stroke from the adjacent keyboard USB interface,” Dr. Yuval Yarom, a contributor to the study, notes, “electricity flows like water along pipes—and it can leak out.”
Because of the short and direct connection from an external USB device to a computer, these devices have always been deemed as a secure form of transferring data. But, Dr. Yarom disagrees.
“Our research showed that if a malicious device or one that’s been tampered with is plugged into adjacent ports on the same external or internal USB hub, this sensitive information can be captured,” he says. “That means keystrokes showing passwords or other private information can be easily stolen.” (By the way, here’s how you can protect yourself online..)
“The main take-home message is that people should not connect anything to USB unless they can fully trust it,” says Dr. Yarom. “For users, it usually means not to connect to other people’s devices. For organizations that require more security, the whole supply chain should be validated to ensure that the devices are secure.”
Now that you’re aware of the possible risk of using a USB device, make sure you know these tricks that identity thieves use to steal your personal information from right under your nose.