How to know if usb pendrive firmware is compromised and is spying your system?

Hello guys

I am a newbie in linux so be patient and understanding please

I have read many articles about firmware inside usb pendrives, that could actually be an exploit that could act as a trojan or backdoor and be able to monitor your system activities and take control over it.

Here is a link to one of those articles.

I read that M15 in Uk have actually detected this in gift pendrives given to businessmen in China.

My main concern is if some vendors could be working with governments and spy networks to spy on the population and on businesses.

So , as I dont trust the government I would like to know if there is a way to monitor peripherals for suspect behaviour.

What security software would you recommned?

What kind of connections should I be paying attention the most?

Any guidelines and directions would be really appreciated.

I personnally think that most computeres have backdoors and exploits in the hardware itself, specially the intel machines, whose brand name kind of says it all ( intel as Intelligence )

Maybe I am too paranoid but would be great if the open hardware community could launch a crowfunded or crowdsourced initiative to asses the security of hardware.

Maybe a study been done by the open hardware community already that I am not aware of?

I hope someone can answer

Thank you

do you work for a governmental operation or someone that keeps secrets for the government or a company that can produce weapons of mass destruction, or even a little bit of destruction, or have sensitive material or access to sensitive material that can influence the general public?

Are you a member of the Communist party or have an affiliations with the Communist party such as even worked for PepsiCo PEP Procter&Gamble, McDonald's, Mondelez International, General Motors, Johnson & Johnson, Cargill, Alcoa, and General Electric. GE which have an existing presence in RUSSIA?

Spyware type pen drives usually employ U3 technology with small normally hidden partitions. Access to some of these partitions require input of a 32bit key which only the manufacturer knows.

Quote:

Maybe I am too paranoid

Install mmc-utils and have a look at your pen drive, here is a Debian manual page for a little reading.
After installing mmc-utils, run fdisk -l command and the hidden partitions should show up as devices. You can also run the command below and if it coughs up an error saying extcsd data don't exit, it won't spy on you. Replace the device name with that of what fdisk calls your pen drive.

Code:

mmc extcsd read /dev/mmcblk0

There have been many ways to deploy usb based malware. Usually the target has to be known. Making a malware for windows won't generally work on other OS's.

Generally buying new from mainstream places. Configure you system to be up to date and run in least privileges needed.

Quote:

Originally Posted by hex666 Maybe I am too paranoid

I think you are.
Reading can be scary, depending on the source and the motive for publication.
Sensationalism is rampant. It drives traffic.

One place I trust is https://krebsonsecurity.com

Frankie says R.E.L.A.X.

You can get a pretty good idea from looking at what system messages are generated when you insert the device. If you see messages about something other than a mass storage device, that could indicate a problem. The output from lsusb will also show what each device claims to be.

If the drive has been in your custody at all times, it should be safe.