Posted on 11/12/2007 2:00:49 PM PST by Mount Athos
These drives often come with software to transfer from one’s old hard drive to the new one.
Were any of these sold in the US, I wonder.
The tainted portable hard disc uploads any information saved on the computer automatically and without the owner's knowledge to www.nice8.org and www.we168.org, the bureau said.
I feel like buying one of these drives, running the trojan, and saving lots of malware to my computer. ;-)
Just to the DoD and IRS...
But, grin, what fun! Hook it up to the DMZ port on my router so it is outside my hardware firewall and LAN... Go surfin' the web with IE, no security, no firewall, etc. Pick up as much trash as possible. Then connect up one of these drives and share the love! ;-)
So here is an interesting scenario. I have a business next to a military base, and sell several thousand blank disks to base personnel per year...some for private use and some for office use. I get this great hard worker named Wong who applies and has no issue accepting my low pay scale.
Wong is a great salesman. He sells disks by the hundreds each day...and even talks me into a discount plan for GIs who flash an ID card.
Somewhere down the road...I walk into the storeroom...and find some really high effort underway to unpack the incoming shipments of disks...open them...and insert some unknown disks into the batch...repacking the whole disk pack.
I discover that Wong is selling an updated disk...which isn’t blank...and puts a program on the computer to allow open access via the firewall...either at the guy’s house or on the base network. It may take a million disks...but eventually one of them will find their way to the classified network...and then some interesting things could happen in a very short period of time.
You can smell trouble coming on this episode...and we will all suffer in the end.
You’re right. That’s one of the reasons why where I work there are a number of security rules. Among them:
No personal USB/jump drives, period.
No iPods, MP3 players in the facility, period. (similar to USB drives)
No cell phones, no bluetooth, period.
No wireless, period.
No personal PDAs, no sync with any un-official PDAs.
Thou shalt not install anything yourself. (sysadmins only)
Thou shalt never know the admin password. ;-)
Thou shalt not change the IE security settings.
Email and web access is through a dedicated firewall machine that employs various scanners.
Any CD/DVD brought in from the outside world must go through a dedicated (and isolated) virus/trojan scanner machine - even commercial audio CDs.
So in theory, if everyone follows the rules, and the scanner and firewall machines are kept up to date, something like your scenario shouldn’t happen. Still, we keep the really important stuff on a separate network and set of machines that are completely isolated from the outside world, and where removable media is simply not allowed, period. Only sysadmins may use removable media, and normal users are never root, don’t know the root password, etc.