There is currently a ‘stink’ about this article:
These guys appear to have put a quite an amount of research into this subject and attack vector.
However I’m disappointed about how little research and citations of prior work they seem to have included, even if it is not based around USB devices it is still relevant.
Then there is the ‘case’ of the 3rd party publicly available code to reprogram the SAME USB device released BEFORE their presentation.
On Hacking MicroSD Cards