USB security vulnerability



Just read this over at eweek…. USB devices can post a security risk.

There’s an “age old” adage in computer security (well – as far as computer security it’s old…) You can control a machine if you have physical access to it. This is yet another example. Essentially it sounds as though an attacker can gain administrative access by inserting a specially “programmed” usb key which can cause a buffer overflow in the USB device driver.

From the article “demonstrating a USB storage device that is programmed to automatically copy recently accessed files when inserted into a Windows PC.” This could be very bad news in certain environments. No need to site trying to break into the system, just plug it in and the recently access files are copied over. This is “hollywood movie style hacking/cracking” it wouldn’t seem to get much easier.

If you’re concerned about this kind of data theft, there are options though. Devicelock is one. Safend’s USB port protector is another. It is still worth making sure to restrict unauthorized access to “valuable”, data rich machines. Products like Devicelock and Safend’s protectors can slow down and make more complicated data theft, or tampering with a system, but it cannot be prevented. Give an individual enough time with physical access to a machine and they will get in.

Related Posts

Blog Traffic Exchange Related Posts
  • Network Security guide for the home or small business network - Part 4 - Know your software Ok, so you've got a hardware firewall and you've got antivirus. You're safe right? Well, not entirely. I've mentioned the flaws of antivirus. It's always a step behind. A firewall doesn't protect against unknown viruses, so what else is there to do? I'm going to tackle this in two steps.......
  • Network Security guide for the home or small business network - Part 7 - Wireless Networking OK - the last couple of entries got into some heavy lifting and some real learning on your part. Learning about what software needs to run, what services are running, updating them to keep current on security patches. We even talked about securing services listening for outside connections and limiting......
  • How to Remove SystemVeteran | Removal Guide SystemVeteran is (yet another) variation from the wini family of rogue antivirus applications. Their last one prior to this was BlockProtector (BlockProtector Removal Guide) but it is a VERY long lived family and they are churning out one variation every two to three days. Most of these have the same......
Blog Traffic Exchange Related Websites
  • Hard Drive Data Recovery Guide   The same principle applies to Mac users too, there are tools that will help you recover deleted and lost files very easily.   Hard Drive Data Recovery From Crashed Hard Drive   It is trickier to recover data from a crashed drive, but by no means is it......
  • Creating a Blog Video Online About two years ago, blogging hit a surge that allowed its way into the mainstream, and now everybody is blogging for a wide variety of different reasons. Blogs resemble web-based public diaries of sorts, where the creator can record their thoughts, their opinions, questions and answers and essentially anything else......
  • Attempting a Digital Media Overhaul: Music, Movies, and Television Any Time, Any Place I've been thinking about overhauling my use of technology lately. Most of that is in the form of media consumption - music, television, movies, books, etc. (Side note: This seems to be a good place to plug my article on Saving Money on Movies, Music, Television, and Books - plugged!)......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site