Say you’re in a cafe and you need to make a quick run to the bathroom, so for security purposes you lock your laptop, and go do your business. Safe for someone physically stealing your laptop, you should be somewhat safe from prying eyes, right? Nope, not entirely, no thanks to what those in the hacking community refer to as the “Rubber Ducky”.
This is basically a USB stick with a keystroke injection tool designed to trick a computer into thinking that a human is the one using the computer. The good news is that if you’re a Chrome OS user, it seems that in an upcoming update to Chrome, there will be an introduction of a new feature called USBGuard (via Chrome Story; via Engadget) that will block USB ports from being activated whenever a device has been locked.
The description reads, “Prevents newly connected USB devices from operating at the lock screen until Chrome OS is unlocked to protect against malicious USB devices. Already connected USB devices will continue to function.” While there are several ways to prevent such attacks, building protection into Chrome OS itself means that users who might be clueless about such attacks will be protected regardless.
However for those who want more control over their devices, it seems that the tool can be customized where you can whitelist certain devices that will continue to operate even when the device is locked. No word on when the feature will be rolled out, but given that it was spotted in the latest Canary build of Chrome OS, we expect that it probably won’t be too long until it is available.