SoK: "Plug & Pray" Today - Understanding USB Insecurity in Versions 1 Through C

USB-based attacks have increased in complexity in recent years. Modern attacks now incorporate a wide range of attack vectors, from social engineering to signal injection. To address these security challenges, the security community has responded with a growing set of fragmented defenses. In this work, we survey and categorize USB attacks and defenses, unifying observations from peer-reviewed research and industry solutions. Our systematization extracts offensive and defensive primitives that operate across layers of communication within the USB ecosystem. Based on our taxonomy, we discover that USB attacks often abuse the Trust-by-Default nature in the ecosystem, and transcend different layers within a software stack; none of the existing defenses provides a complete solution, and solutions expanding multiple layers are most effective. We then turn to the first formal verification of the recently released USB Type-C Authentication specification, and uncover fundamental flaws in the specification's design. We further evaluate the spec using findings from our systematization, and find that while the spec has successfully pinpointed an urgent need to solve the USB security problem, those flaws render its goals in vain. We conclude by outlining future research directions to ensure a safer computing experience with USB.