Chrome OS is one of the most secure operating systems out there, but it is by no means foolproof. With a number of USB-based malicious tools like BadUSB, PoisonTap, USBHarpoon, and USBdriveby becoming popular, Google released a new security update that blocks them.
Dubbed USBGuard, the feature spotted by Chrome Story blocks access to USB Ports if a Chrome OS device’s screen is locked. According to the source code that is now available in Canary builds of Google’s OS, it prevents rubber ducky attacks. The feature is currently limited to Canary build users only and should be available on the live version of the OS soon.
To enable the feature once it becomes available on Google’s stable build, users can simply modify the appropriate flag to chrome://flags/#enable-usbguard
. Do note that if devices that are connected to your Chromebook or other Chrome OS device will also be blocked until you log back in.
Most modern-day systems are vulnerable to rubber ducky attacks as even a few seconds of access is enough to infect a PC. Hackers are capable of stealing private data or injecting systems with malware. The only drawback of such attacks is that they require physical access which might not be applicable to a large number of users who do not leave their devices unattended. Google’s update will definitely help prevent such attacks on Chrome OS devices.
Earlier this year, Apple released a similar feature for its MacOS devices that locked USB ports. A similar implementation was made for iOS devices as well that requires users to unlock their devices after an hour of inactivity before allowing access to any USB port. It is likely that Google’s implementation will only block data access and if you plan on using your ports for peripherals or charging another device, you should be just fine.
What do you think about the update to Google Chrome OS? Let us know in the comments below. Also, make sure to follow TechNadu on Facebook and Twitter. Thanks!