Virtually any USB device can be reprogrammed, while some might be reprogrammable under certain conditions.
According to Kasten Nohl, of the 60 or so chip families it looked at from eight vendors, not a single one consciously disabled the ability to be reprogrammed. Nohl, who presented this summer on the BadUSB malware, said that this was because of a design decision made to conform with a particular purpose and not for security reasons.
He said that the attack is undetectable and does not exploit a vulnerability in the code, but rather just takes advantage of the way in which USBs are supposed to behave. In both cases, Nohl said, roughly half were reprogrammable—even the chargers—meaning that the problem is not confined to particular vendors, but to USB chips.
VIEW FULL STORY