USB port

Just like water leaks from pipes, so do electric signals from USB ports, indirectly exposing sensitive data to a knowledgeable attacker, according to new research from scientists at the University of Adelaide in Australia.

The phenomenon is known as "channel-to-channel crosstalk leakage" and affects USB-based devices plugged into adjacent ports.

"Electricity flows like water along pipes – and it can leak out," said project leader Dr. Yuval Yarom. "In our project, we showed that voltage fluctuations of the USB port’s data lines can be monitored from the adjacent ports on the USB hub."

Electric signals leak data to adjacent USB ports

This scenario implies the presence of a malicious USB device inserted in a nearby port that the attacker can use to monitor data flows in adjacent ports.

Researchers say that an attacker could collect this data and use an Internet connection to send it to the attacker's server. Anything that passes in an unencrypted form through adjacent USB ports can be collected.

For the practical side of their research, scientists used a modified off-the-shelve plug-in lamp with a USB connector to log every key stroke from an adjacent USB keyboard. They then sent the data to another PC via Bluetooth.

... and of course, people will pick random USBs off the ground

Furthermore, carrying out an USB crosstalk leakage attack is not as complex as many would consider. It's been shown in many research studies that people in high percentages pick up random USB thumb drives and insert them into personal or work computers without considering the security implications.

"The main take-home message is that people should not connect anything to USB unless they can fully trust it," researchers concluded.

The full research, not yet public, is entitled "USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs" and will be presented next week at the USENIX Security Symposium in Canada.