When Windows 8 rolled up to the curb, Microsoft did its best to enforce a protocol known as Unified Extensible Firmware Interface (UEFI) Secure Boot. This was to be a modern replacement for the aging BIOS usb access control system and would help ensure boot-time malware couldn’t be injected into a system. For the most part, Linux has overcome those UEFI hurdles. However, with Windows 10, those hurdles could be returning.
The implementation itself isn’t mathematically verified for security. Not the hardware, the firmware, the software, the covert channel analysis effect on implementation, the testing/proving tools themselves, the compilers/assemblers/linkers, the integration, and so on. Vulnerabilities were found in other usb access control products in each of these things. NSA, GHCQ, Russia, and China attack all of these things. The good news is that pro’s typically review and pentest an EAL5+ product so it gets good code reviews. Yet, pro’s also review and pentest things like SSL yet it’s had plenty of design and implementation flaws.
In the early days of computer viruses and malware the primary means of transmission and infection was the floppy disk Today, USB flash drives perform the same data and software storage and transfer role as the floppy disk, often used for transferring files between computers which may usb protect be on different networks or in different offices, owned by different people; this has made USB flash drives a leading form of information system infection. When a piece of malware gets onto a USB flash drive it may infect the devices into which that drive is subsequently plugged.