Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Microsoft device helps police pluck evidencefrom cyberscene of crime
From: "Michael Neal Vasquez" <mnv () alumni princeton edu>
Date: Wed, 30 Apr 2008 15:16:28 -0700

Can't help but think of the Group Policy that disables
usbstor.sys.(http://www.petri.co.il/disable_usb_disks_with_gpo.htm for
some info)

Surely that driver could be replaced (with some windows file
protection workarounds as well, obviously) that would perhaps prompt
before allowing the device to be mounted?  Require a PW to allow it to
be mounted?

Just a thought.  I'd think something along those lines though, would
disable this tool.

On Wed, Apr 30, 2008 at 2:17 PM, Rob Thompson
<my.security.lists () gmail com> wrote:

 What is really baking my noodle though - how do we protect ourselves
 from these?  Because, one pissed off employee with one of these things
 could put an organization into some deep crap, real quick like...

 We really need more information on these devices...

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]