Posted on 07/13/2004 9:11:39 AM PDT by NotQuiteCricket
LONDON, England (Reuters) -- Music fans, beware: Britain's Ministry of Defence has become the latest organization to add the iPod to its list of high-tech security risks.
The pocket-sized digital music player, which can store thousands of songs, is one of a series of banned gadgets that the military will no longer allow into most sections of its headquarters in the UK and abroad.
Devices with large storage capabilities -- most notably those with a Universal Serial Bus (or USB) plug used to connect to a computer -- have been treated with greater suspicion of late by government agencies and corporations alike.
The fear is that the gadgets can be used to siphon information from a computer, turning a seemingly innocuous device into a handy tool for data thieves.
"With USB devices, if you plug it straight into the computer you can bypass passwords and get right on the system," RAF Wing Commander Peter D'Ardenne told Reuters.
(Excerpt) Read more at cnn.technology.printthis.clickability.com ...
Huh? How so? You would still be able to login to the computer, so see the USB device, correct? Help me out here people, cause this isn't making any sense to me.
Doesn't make sense to me, either... What's the big deal anyway? Uninstall the USB drivers and you're all set.
You are already logged into the computer if you are using it. The point is that any person in the building could copy files form any computer that is running. I carry 128 megs of USB storage on my keychain.
Uninstall the USB drivers? Can't do it on a Mac, and many computers now use USB keyboards and mice. Quite hard to lock down a computer unless your're using it as a terminal or kiosk.
Not with Plug-n'-Play, but wouldn't the same problem exist for USB flash drives? In other words, you can take those little keychain bob-sized devices, plug them directly into a computer's USB port and snag as many files as you want. The OS treats it just like another local drive.
Where this can *really* be a theft problem is on the Mac, where you can flat out steal software. Some dude got caught stealing Office X off a Mac at some computer superstore... all you have to do is plug in the iPod and drag the program files right onto the iPod.
US military has had this, and similar policies for a while.
> ... add the iPod to its list of high-tech security risks.
Trying to maintain lists of portable data/imaging devices
is a lost cause, and high-security facilities are going
to have to find another way to deal with these threats.
Sure, maybe you can keep people from plugging their
key-fob USB flash drive into a port, or from mounting it
to the filesystem if they do, but we're close to (past?)
the point where:
- clothing buttons are digital cameras
- eyeglass frames are digital camcorders
just to name a couple of obvious examples. We won't even
guess what the wristwatch might actually be.
In the not too distant future, a copy machine repairman
can expect to be blasted with EMP upon entry, to
neutralize all electronic devices on their person.
Then come the photonic devices, which have no metal at all...
Well, then why not make the pc case physically inaccessible?
I've got an extra 3 USB ports on my keyboard...but I agree that securing the hardware would go a long way to fixing this issue. (I'd think if someone were to do that, they would be sure to not have any extra USB ports outside of the secure area).
It depends on how paranoid you are about your employees. And I'd hope the military is VERY paranoid about their employees.
EMP wouldn't do anything to a device that doesn't have power running through it (I think). Also, I'm sure that if someone were to WANT to get in and get the information, they would shield their device/take counter measures.
Just go back to NT, which doesn't support USB.
Well, they should just make sure not to buy any of those keyboards, then :). Secure the back of the pc so no new devices can be plugged in (and the ones that already are, can't be pulled), and that's it.. Or just buy pc's with ps/2 connectors for keyboard/mouse and uninstall USB all together.
leave it to apple, to screw things up
Yep, makin' them blasted high volume storage thingies for digitial music is really irresponsible.
Or put them in a wiring closet, or go to citrix or some other terminal application (icki, icki) where you don't really need much of a computer, just a dumb terminal.
We go forth, and then we run back the other way.
(mainframe/dumb terminal to hotrod desktop PCs that kick ass, but are insecure to server/dumb terminal).
lol
THIN CLIENT. (Wasn't that the "rage" like, 5 years ago or something?!)
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.