The ubiquity of USB has made it a common vector for cyberattacks. A criminal can walk up to a machine, coolly slide a stick into a PC without arousing suspicions and wreak havoc on an entire network. It only takes a few seconds but the damage caused could be permanent.
That’s why Google is taking action to protect Chromebook users. The company has cooked up a simple yet effective tweak to the Chrome operating system that will make them much harder to hack via USB ports.
The feature is called USBGuard. Put simply, it prevents any USB devices from interacting with Chrome OS if the system has been locked. The ports may supply power to a malicious flash drive or mouse but USBGuard will prevent any code from being executed.
It’s not a foolproof solution, of course. There’s always a chance that you could sit down with your Chromebook, fail to notice that someone had plugged in something, and log back in. That could provide an opening for malware to slither its way into your system.
Still, it’s easy enough to make a habit of checking your computer for glaringly obvious signs of tampering before you start using it. The security of your data is well worth the second (or fraction thereof) it takes to glance at its ports and assure yourself that things look as they should.
USBGuard will arrive on Chromebooks in the near future. For now, users who want to try it out can enable it by opening the chrome://flags page.
The concept of USBGuard should sound familiar. It’s quite similar to a feature Apple implemented on iPhones and iPads that was designed to thwart certain hardware-based lockscreen bypasses. If an iPhone or iPad has been idle for more than an hour, iOS now requires users to unlock their devices before allowing a USB connection.
Date: January 9, 2019