How can USB ports be dangerous?

Question

I hear all this vague information about how USB ports are dangerous, because people can just stick in a stick with malware on it and Windows just happily runs it automatically, or something.

It's so difficult to find clear and correct information about anything.

Whatever truth there may be to this danger, it has certainly managed to spook me. To the point where I'm looking at "USB port blockers" which are extremely pricey and seriously consider ordering a bunch of those to physically block all my USB ports which aren't in use.

But then, if somebody has physical access to my computer, they can just pull out one of the occupied USBs and insert their "trojan stick" instead, no?

Why are USB ports dangerous? Why do operating systems (apparently) just run random executables whenever a stick is inserted?

Answer 1

While Windows does not autorun anything anymore, there are still a number of ways that USB ports can be dangerous, including but not limited to:

• Something that looks like a thumb drive can in fact act as a keyboard. Once inserted, it "types" a sequence of commands that run dangerous code on your computer. Devices like these are called "rubber ducks".

• A USB can physically damage your computer by overloading it with electricity. These devices are known as "bad USB".

• There might be bugs in the OS that a USB drive can exploit. For instance, Stuxnet used an overflow bug in the image library that rendered the icon to run malware.

• A user may be tricked into opening or running files that are malicious.

This is a reason to be careful with any unknown USB devices, such as USB drives given to you by strangers. Blocking your USB port sounds a bit excessive for most cases, though. First of all, if you don't expect an attacker to have physical access, there is no point. Second, as you write, if there are any unblocked USB ports an attacker can just use those.