What is BadUSB?
Every USB device contains a small computer program called firmware. BadUSB refers to when a USB device's firmware is programmed to attack the host computer. It can send malicious commands through the USB port, gaining control of your computer or intercepting your communications.
What is Armadillo?
Armadillo is a high-speed USB 2.0 firewall that everyone can use. It connects between your computer and your USB device, isolating malicious firmware and keeping your computer safe.
Armadillo is based on the USG, the original open-source USB hardware firewall. So-called because it is Good, not Bad, the USG is used by customers around the world and its open-source firewall technology has stood the test of time.
What devices does Armadillo support?
The Armadillo supports mass storage devices (flash drives), keyboards and mice.
Which is better – Armadillo or the USG?
Both Armadillo and the USG use the same firewall technology, provide the same level of protection, and support USB storage devices, keyboards and mice.
The Armadillo is best for flash drives and hard drives where its high-speed USB 2.0 hardware enables quick file transfers.
The USG is the most cost-effective way to protect and isolate your USB keyboards and mice. It is also suitable for enthusiasts and developers who want to analyze its open-source software.
How does Armadillo protect me?
Armadillo passes USB data through an internal firewall with a very simple protocol. This simplicity has many security benefits:
- Blocks malicious USB commands from reaching your computer, so that malformed or unexpected data cannot exploit your operating system's USB drivers.
- Protects your USB device firmware from infection by an malicious computer, preventing BadUSB infections from spreading to your device.
- Blocks hidden USB functions that can potentially execute system commands or intercept network traffic. Hidden USB functions can even be hidden inside USB cables. Armadillo allows only one USB function to be active, and prevents re-enumeration as a different function until power is cycled.
Armadillo's firmware also includes additional security features:
- Blocks bot-like input from keyboards and mice attempting to enter malicious system commands when you are not at your computer.
- Optional Read-Only mode protects files on your storage device from modification by a malicious computer.
What operating systems does Armadillo support?
Everything. Besides Windows, Mac OS, and Linux, embedded systems with USB ports are also likely vulnerable to a malicious USB, so you should use an Armadillo with them as well.
Where is Armadillo made?
Armadillo is manufactured in New Zealand by trusted local suppliers under Globotron’s supervision. To ensure Armadillo’s integrity, production will never be outsourced to another country.
Globotron then assembles and packs every Armadillo to ensure the integrity of every single unit. The supply chain of Armadillo is strictly controlled, to ensure that absolutely nothing is compromised.
Will Armadillo protect me?
We believe Armadillo gives you the best protection against BadUSB devices you can get.
Don’t forget that if you accept files from third parties, those files may also contain viruses. So you still need to use antivirus software or harden your operating system.
Should everyone who uses USB flash drives and hard drives use Armadillo?
Yes. We believe that if you share USB flash drives and hard drives you are at great risk – unnecessary risk – without Armadillo.
Even if you never share USB devices between computers, a supply-chain attack could lead to your keyboard or mouse compromising your computer. And advanced malware can infect USB devices to persist between operating system re-installs.
Can I use a USB hub with Armadillo?
Armadillo does not support hubs on its downstream (device) side, for a very good reason. A malicious USB device can hide a hub inside itself to connect a second function, which can then do unexpected bad things to your computer. So the rule is one Armadillo, one USB device.
Note: you can use hubs on the Armadillo’s upstream (computer) side. However, this does come with a security risk as that hub can also be programmed as a BadUSB and attack your computer. Think twice before using a hub, particularly one that has been attached to other computers.
Can the Armadillo protect me from the USB Killer?
The Armadillo is designed to protect your computer from USB malware attacks, rather than deliberate physical damage. The information in your computer is more valuable than your computer itself, and the Armadillo defends you against attacks that compromise your information.
But having said that, the Armadillo will provide some protection. The voltage surge will pass through and damage two microprocessors and two ESD surge suppressors before it reaches your computer. The Armadillo’s circuits will be destroyed, but the voltage surge will probably be reduced to a safe level at your computer's port.
I'm super paranoid. Can I disable support for some types of USB device?
Armadillo can be programmed with custom settings to support only the devices you need. Contact Globotron to place a custom order.
Does Armadillo have a red flashing light to tell me when a USB device is bad?
No*. It is not possible to determine whether a USB device is good or bad. A bad device may 'act good' for days or weeks before launching an attack. A bad device may also use host profiling to determine whether it is connected to a vulnerable host (your computer) or not (your Armadillo) and alter its behavior accordingly.
*Actually, yes. Armadillo does have flashing error LEDs. But they can only tell you that something has gone wrong, due to buggy devices or problems with the Armadillo’s firmware. They cannot tell you with any certainty whether a BadUSB attack has been attempted. The good news is that whatever the cause of a fault, Armadillo will immediately shut down and disconnect itself from your computer before flashing the error LEDs.