USB or not USB
Please support our Hardware and Software advertiser: Programming Forums
Nov 21st, 2008, 12:51 pm
Interesting that the US Department of Defense has banned thumb drives. The problem is that they can carry viruses and infect computers - and if your nation's defense depends on these systems (and by extension in the case of the US so does the defense of the rest of the world) they need to be looked after. So no thumb drives, no CDs.
Umm...yes.
But if you're going to take this seriously let's have a look at other removable storage. Here's a list, top of my head, of potentially virus-carrying items I could lay my hands on in my office within 30 seconds:
'Flip' video camera
Still camera
Voice recorder
iPod
Phone
OK, it's only five and the voice recorder is really easily identifiable as storage. The media players and phones and particularly cameras are less so, though.
Tell you what. How about a new idea? Instead of all this stuff about singling out thumb drives and whatnot because they're a risk, how about ordering some new hardware - like PCs without a USB socket in the first place? We all know they're available, and if you really need a peripheral or something connected you could have a hub of some sort connected by WiFi. Then innocent people could carry their thumb drives, phones and cameras around with them without any need to worry - and malicious people with USB drives disguised as something else (I've seen pens, watches) wouldn't have anything to plug them into.
Someone's going to tell me why this idea sucks, I know they are. I just can't see the flaw in it from here.
Umm...yes.
But if you're going to take this seriously let's have a look at other removable storage. Here's a list, top of my head, of potentially virus-carrying items I could lay my hands on in my office within 30 seconds:
'Flip' video camera
Still camera
Voice recorder
iPod
Phone
OK, it's only five and the voice recorder is really easily identifiable as storage. The media players and phones and particularly cameras are less so, though.
Tell you what. How about a new idea? Instead of all this stuff about singling out thumb drives and whatnot because they're a risk, how about ordering some new hardware - like PCs without a USB socket in the first place? We all know they're available, and if you really need a peripheral or something connected you could have a hub of some sort connected by WiFi. Then innocent people could carry their thumb drives, phones and cameras around with them without any need to worry - and malicious people with USB drives disguised as something else (I've seen pens, watches) wouldn't have anything to plug them into.
Someone's going to tell me why this idea sucks, I know they are. I just can't see the flaw in it from here.
•
•
•
•
This blog entry was written by GuyClapperton. It has been filed under the Hardware and Software category. It has received 1,131 views, 3 comment(s), and 3 linkbacks. It was promoted to featured news status Nov 22nd, 2008.
GuyClapperton | Newbie Poster | Nov 24th, 2008
darrenw89 | Practically a Posting Shark | Nov 23rd, 2008
•
•
•
•
The main problem is that if people really want to get round whatever security measures you've put in place - they will. People have far more knowledge about various systems now than they did just a couple of years ago, need to email a report but it wont let you upload a file from an external source?
Someone in the office will always know how to get round it. Sure you could order a batch of shiny new base units with no USB ports. But they'll still have an internet connection, so you're pretty much back to square one.
Before any internal data theft occurs; someone somewhere believes they can do it. That's what companies need to work on - eliminating that thought. Once people believe they can; they'll most certainly try.
Someone in the office will always know how to get round it. Sure you could order a batch of shiny new base units with no USB ports. But they'll still have an internet connection, so you're pretty much back to square one.
Before any internal data theft occurs; someone somewhere believes they can do it. That's what companies need to work on - eliminating that thought. Once people believe they can; they'll most certainly try.
happygeek | He's The Daddy | Nov 22nd, 2008
•
•
•
•
Better still use appropriate security measures to prevent unauthorised devices from being connected in the first place, it is not rocket science. That way you still get the benefits of USB without the dangers. We do not want a return to the 'good old days' where IT Admins superglued USB ports to prevent them being used.
Related Blog Entries
- Yahoo Announces 'Green' Data Center Powered by Niagara Falls (1 Day Ago)
- Buy friends on Twitter (1 Day Ago)
- Neverland is Your Virtual Linux Playground (1 Day Ago)
- Pink iPhone 3GS is hot stuff (1 Day Ago)
- Sarah Palin Hacked Off (2 Days Ago)
Related Forum Threads
- USB does not recognize. (Peripherals)
- NT4 USB (Windows tips 'n' tweaks)
- wireless usb card (*nix Hardware Configuration)
- Please Help. USB Flash drive problem. (Peripherals)
- usb/keyboard problem (Peripherals)
- USB 2.0 PCMCIA into laptop (PCI and Add-In Cards)
- USB 2.0 (Windows NT / 2000 / XP / 2003)