That is because it is a hardware protocol. But that doesn't mean applications can't have their own protocol, or use a standard one such as TLS.
As a comparison, it is like https/ssl vs tcp/ip protocol. Cheers. On Tue, May 18, 2010 at 2:02 PM, Gregor Schneider <rc4...@googlemail.com>wrote: > On Tue, May 18, 2010 at 11:39 AM, <valdis.kletni...@vt.edu> wrote: > > > > The fact that most devices do it doesn't mean it's not a security flaw. > > > > -1 > > AFAIK the USB-protocol does not contain any authorization / > authentication-mechanism: > > http://www.beyondlogic.org/usbnutshell/usb3.htm > > Please correct me if I'm wrong... > > Cheers > > Gregor > -- > just because you're paranoid, don't mean they're not after you... > gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 > gpgp-key available > @ http://pgpkeys.pca.dfn.de:11371 > @ http://pgp.mit.edu:11371/ > skype:rc46fi > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/