By Steve Dent, Engadget
Even when your Chromebook
is locked, bad actors can access it using a "Rubber Ducky," or
malicious USB drive that mimics a keyboard. Chrome OS will soon put a
stop to those attacks with a feature called USBGuard, seen in a Canary
Chrome build by Chrome Story. It stops the operating system from reading code or executing commands from USB devices when your Chromebook is locked. The feature is similar to what Apple introduced in a recent build of IOS 11 that stops USB activity if a device has been locked for more than an hour.
Devices
already plugged into a Chromebook when it's locked will continue to
function, ensuring data transfers won't stop, for instance. Once the
feature arrives, you should be able to opt in to use the service and whitelist USB devices like a keyboard or mouse.
Chromebooks
are considered more secure than Windows and other devices, especially
for clueless users (I'm talking to you, Aunt Gertrude with six spyware
toolbars). However, any computer can be vulnerable to Rubber Ducky devices,
essentially miniature computers that pose as keyboards and inject
pre-programmed keystroke sequences at up to 1,000 wpm. All of this can
be stopped just be disabling the USB port, so the USBGuard feature --
coming to Chromebooks in the near future -- is welcome news.
COMMENTS