In a recent blog post, Bruce Schnier reports on an interesting tool called USBDumper. It does what it says - it dumps the contents of any USB stick inserted into your system, and does so silently. Perhaps the only 'weakness' is that USBDumper creates a folder on the desktop (thus there is a small visual clue - but you'd have to be aware and/or paranoid to notice!
As Schnier points out, security aware admins have long known about the issues surrounding USB devoices. But the folks who just use the devices without thinking could be in for a rude shock. Does your USB stick contain sensitive information (e.g. passwords, company financial information, etc)?
You can get USBDumper here - it's a RAR file that includes the source code.
No comments:
Post a Comment