BadUSB is bad news: malware that targets the firmware in your USB port's embedded system, bypassing the OS, antivirus software and other countermeasures.
Enter USG: a hardware dongle that sits between your USB port and untrusted USB devices: it will only pass a limited set of instructions and data between the two, not including the instructions used to trigger BadUSB.
This has limitations, though: the USG only supports a few classes of device (flash drives, keyboards, and mice), with more planned in future firmware updates — still, it beats the USB Condom approach, which makes your USB port useless for everything except charging. The open-source hardware dongles are hand-built by Robert Fisk in New Zealand, but you can download plans and build your own if you don't want to trust him.
You should prioritize devices that frequently move between computers, such as flash drives.
The USG can protect your secure computers from attacks from a bad device. It can also protect your device from attacks from infected computers (see the next question). A good idea is to permanently attach your USG to a flash drive, to ensure both your device and your computers are always protected.
USB devices that stay in one place such as mice and keyboards are a lower risk than devices that move around. However the paranoid should protect every device attached to their computer, as any programmable device can persist a malware infection across operating system reinstallations.
[Robert Fisk/Github]
(via JWZ)
