Hello ! I'm not sure that this exploit affect only Windows system. Autorun != USB stick firmware. Autorun is a part of the Windows system wich configure the device when it's mounted. (See : https://en.wikipedia.org/wiki/AutoRun for more information about)
The USB stick firmware is like the BIOS... Without it your stick can't run. All hardwares provide an embedded firmware. The 'BadUSB' exploit this firmware and there's multiple possibility to do malicious things. >>> 0. The final claim is that once infected, you'll always be infected >>> because disinfection is nigh impossible. I'm very sceptic if you can infect that firmware it's possible to disinfect it. But yes it must be very difficult to detect that. >>> Meh. The same could be said >>> of the firefox exploit of the week. It too can reprogram your bios or >>> persist itself in any number of ways. Yes of course, but that technique is a new vector of infection very powerfull. With that you're able enter in closed network. (If the exchange USB stick of course). >>> 1. They're exploiting all manner of Windows specific autorun >>> functionality to install or configure drivers. By default, OpenBSD >>> will do just about nothing when a USB device is plugged in, so this is >>> not a serious concern. It's not an AutoRun exploit :) >>> 2. They have created a rogue keyboard device which will type naughty >>> commands. In theory, the same keyboard could type "rm -rf ~" into an >>> xterm. Here's the interesting part. I think with that technique you can spoof a keyboard. Even in OpenBSD, when you plug a keyboard or a mouse OBSD detect it and you can use it directly. The infected USB can tell to the system : "I'm not an USB stick but a keyboard". With that fact I'm sure there are a lot of malicious possibilities. Cheers ! Fabien Franchini
