A group of Canadian hackers have identified and learned to exploit a flaw that allows them to turn any USB peripheral into a sort of hardware trojan horse. Plug-and-play USB devices follow a consistent rule, the device identifies itself to the PC. The computer, by rule, will believe that a UB device is whatever it claims to be; if a keyboard says it's a camera, the PC will register it as a camera.

This trust-by-default design makes it easy for a modified peripheral to collect or transmit data with……

More….