Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Microsoft device helps police pluck evidencefrom cyberscene of crime
From: "Ivan ." <ivanhec () gmail com>
Date: Thu, 1 May 2008 10:47:52 +1000

more info

http://www.news.com/8301-10789_3-9932600-57.html?tag=blog.promos

On Thu, May 1, 2008 at 9:00 AM, coderman <coderman () gmail com> wrote:
On Wed, Apr 30, 2008 at 2:17 PM, Rob Thompson
 <my.security.lists () gmail com> wrote:

...
 >  > Meaning if you disable autorun on all USB/Firewire/"hot-plug" devices
 >  > does it potentially eliminate this threat?
 >
 >  I doubt it.  They probably have something coded into the device that
 >  works with something "special" within Windows.  But again, just an
 >  assumption.  I haven't gotten my paws on one of these yet.  Though I'm
 >  sure that it you look hard enough, it can be found.

 you'd have to epoxy over those ports.  putty epoxy in the USB,
 firewire, PCCard , and related slots.  it's been done, for regulatory
 compliance.  works great.  gets your hands messy.

 but seriously, who will take such measures on their home PC?

 last but not least, the cold boot disk encryption attacks showed how
 even the plugged ports could be worked around with a quick reboot and
 a can of keyboard cleaner...



 _______________________________________________
 Full-Disclosure - We believe in it.
 Charter: http://lists.grok.org.uk/full-disclosure-charter.html
 Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault