- cross-posted to:
- cybersecurity@infosec.pub
Seller of the Sound Blaster Katana V2X doesn’t consider the behavior a vulnerability.
“Without being touched” seems unnecessary. That’s one possible definition for computers: completing tasks that do not require manual intervention. Automation.
BTW the real culprit here isn’t the USB connection but Creative’s proprietary but totally unprotected transfer protocol that allows third parties to communicate with the device both ways, even load new firmware. No code signing there, either.
Reminds me of Logitech’s Unified software that had so many holes and was patched frequently. It was never secure.
$300 for a PC speaker? Madness.
This is Sparta!
Title is misleading as this is a variant of BadUSB where a device acts as a keyboard device.
And I agree and prefer that the user is able to replace firmware.
Not really. You can’t just walk by with a cell phone to configure a flash drive that is already plugged in and convert it to an attack vector. The method of setting up the attack device is the shocking part. You don’t even have to push a pairing button on the speaker to connect to it.





