Viruses and Malware
There is no known possibility of a virus getting in via micro:bit, for reasons listed here:
- While the micro:bit advertises itself as a USB mass storage device (like a memory stick), it is, in fact, a virtual device used only to copy programs or firmware updates onto it.
- The only two file types recognised by the micro:bit virtual drive are .hex (for programs) and .bin (firmware updates) all other file types are ignored. The .TXT and .HTM files that appear on the virtual drive are read-only, so cannot be edited.
- Each time you re-program the micro:bit, the previous code is erased
- The micro:bit has an inbuilt recovery firmware image baked onto the USB interface chip that is not user-changeable, so even if it is updated, you can always roll back to a working micro:bit.
Restricting device usage
It is also possible to restrict USB usage on computers with some knowledge of how the devices identify themselves
Confidential Data
The micro:bit can run a program that displays any data you wish it to display provided it is recognised by the micro:bit as a .hex file type. In schools and libraries, it is advised to transfer a simple program such as a 'heart' displayed on the screen at the end of the session. Alternatively, you can reload the original program shipped with all new V2 micro:bits called the 'meet the micro:bit' program, or if you are using a V1 micro:bit you can reload the original 'out of box experience' program.
The Microsoft MakeCode editor is a web-based application that automatically stores user programs in the browser's local cache. It is possible to use group policy settings or similar device management utilities to clear the browser cache on browser exit or logout, so there is no retained history between user sessions.
The micro:bit Python editor prompts the user to save any changes to the default program code before exit. If the user attempts to leave the site without saving their code (as .hex file), all changes to their code are lost.