
Re: [OM] The scariest computer security problem I've ever seen

Subject: Re: [OM] The scariest computer security problem I've ever seen
From: Scott Gomez <sgomez.baja@xxxxxxxxx>
Date: Mon, 6 Oct 2014 08:43:41 -0700
The question for end users of the devices--of any USB device--is whether
the device is updatable. If it is, it is unsafe to use unless it has been
used only on your own machine AND you know that your own machine has never
been compromised with code that rewrites USB.

One of the things mentioned in the video was that for Linux systems, they
were unable to infect anything other than user space. The attack would be
considerably more difficult there, as an attacker would have to install
executables to act on logged keystrokes, then attempt to elevate privileges
once the password is known. (A determination I think would be difficult to
make automatically.)

The same should be true of Macintosh machines, for the most part, as both
Linux and Macintosh use the more robust security model descended from Unix.

In the Linux and OS X worlds, a USB exploit would have to somehow install a
keylogger, and compromise the network (change DNS, add a controller, etc.),
and then communicate back to a human to examine the key logs in order to
escape user space. On my system, for example, the network cannot be changed
without elevated privileges. So while the keylogger injection would likely
succeed, how would data from that logged session get sent back? Security
software would not allow creation of a network session that is not attached
to an existing process, nor could the malware modify existing software
without already having determined how to elevate privileges.

Windows, as ever, is an easier nut to crack.

On Oct 6, 2014 6:37 AM, "Chris Trask" <christrask@xxxxxxxxxxxxx> wrote:

> >
> >And now, having watched it, I agree with the conclusion of the presenters:
> >the only way to prevent this is to provide a hardware fuse that is opened
> >in manufacturing, before the device is shipped, to prevent reprogramming.
> >Of course, that simply shifts the burden of security to the
> manufacturers...
> >
>
>      I'm surprised that they don't do this already.
>
>      Is this problem true for ALL USB flash drives, or is it something
> new?  I only use the older USB 1.0 Memorex flash drives so I can go between
> the WinXP laptop, the office Win98/SE machines, and the continually
> updated ASU library computers.
>
>
> Chris
>
> When the going gets weird, the weird turn pro
>      - Hunter S. Thompson
> --
> _________________________________________________________________
> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
> Themed Olympus Photo Exhibition: http://www.tope.nl/
>
>