Brace yourselves: USB bugs are coming!
Quote Tweet
Slides for my "Coverage-guided USB Fuzzing with Syzkaller" talk @offensive_con docs.google.com/presentation/d
1
8
46
Conversation
Replying to
I applied 's deny_new_usb patch around the time it appeared. Syzkaller keeps vindicating that choice. 👍
1
1
3
I didn't make the deny_new_usb feature. I developed the Android integration for it including integration into Keyguard for automatically enabling it when the screen is locked. It existed as a kernel feature for many years prior but hadn't been properly integrated as intended.
3
1
2
There's an upstream kernel feature (kernel.org/doc/Documentat) which I worked on integrating as a more sophisticated feature where users can confirm the device types match their expectation. Unfortunately, it was only a prototype and wasn't ever ported to later releases of Android.