How to find out if your USB device is safe


According to a survey by the digital security company Eclypsium, most Windows and Linux-based peripherals use “unsigned” firmware or drivers, which compromises the security and stability of the operating system, as well as the proper functioning of the device. Unsigned drivers leave the OS vulnerable to all types of attacks, such as ransomware, spyware and even the total “hijacking” of equipment.

The driver signature is a validation key, which ensures that the software was provided by the same hardware manufacturer and, therefore, whether it is reliable. If the driver is unsigned, it means that it may have been provided by malicious developers.

Eclypsium warns that hackers can exploit unsigned drivers on all types of peripherals, such as USB (wired and wireless) mice and keyboards, webcams, trackpads, video cards, storage devices, routers, etc., in order to deliver scams that are not limited to the specific use of this equipment.

A new driver is required

The only way to correct the problem with unsigned drivers is with the release of a new driver signed by the manufacturer. In recent years, several storage device manufacturers (HDs and SSDs) have updated their equipment’s firmware to accept only signed drives. This was necessary after the popularization of attacks related to unsigned drives.

Still, even if a company makes a signed driver available to replace an unsigned driver, the software will not be installed automatically. The user will need to search for the driver and install it manually.

If you want to check if your peripheral drives are signed, here’s how to do it in Windows 10.

Checking if a driver is signed

To make sure that a device drives is signed, follow the steps below:

1. Open the Start menu and type “Device Manager”;

2. Enter the Device Manager, choose any device, right click and choose “Properties”;

3. Go to the “Driver” tab and look for the “Digital signature” field. The company that signs the driver should appear next to it. If the field appears as “Unknown”, the driver is not signed;

4. Then click on “Driver Details”. A new window will appear with a list of installed drivers for that device. Signed drivers will have a certificate icon next to them, like the ones in the screenshot above. You should also see the Digital Signer for the driver listed below, which must match the Digital Signer on the “Driver” tab.

This procedure can also be done on Linux systems, but the step by step will be different, depending on each graphical interface.

Check for driver updates for all devices that have unsigned firmware. To do this, you can visit the manufacturer’s website, or check directly through Windows, using the button shown below: