New Toy For Skiddies?
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: New Toy For Skiddies?

  1. #1
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190

    New Toy For Skiddies?

    I saw this:

    http://www.technewsworld.com/story/software/55947.html

    And thought "every skiddie must have one". Sure the technology is already there but you need to have some knowledge to set it up. This one comes pre-packaged, and lets you boot Linux on any unprotected PC.

  2. #2
    Senior Member PacketThirst's Avatar
    Join Date
    Aug 2004
    Posts
    258
    Nice find nihil ! I found it pretty funny ! ... Isn't it taken for granted that if some has physical access to a box, its owned.

    According to Turbolinux, the idea behind the device is "to turn all the world's computer[s] into your PC."
    Okay, Dr.Evil is interested... But, what if USB boot is disabled ?


    "The Wizpy sounds most promising because it requires no setup," Benjamin Gray, an analyst at Forrester Research, told LinuxInsider. "The two 1 GB and 4 GB Wizpy models allow plenty of storage capacity for documents and images, although it may pose a problem for larger music and video files."
    I wonder if he has been living in a cave for the past ten years...

    Its one of those lame attempts by the Japs to squeeze the green out of wannabe elite adolescents.

  3. #3
    Member
    Join Date
    Sep 2006
    Location
    At a keyboard
    Posts
    82
    Hopefully you disable booting from CD as well or Im sure the SLAX boot cd for usb devices could be modified to boot the new toy.
    http://linux.softpedia.com/get/Syste...CD-18390.shtml

    Of course if someone is booting the box from a USB drive, more than likely they have physical access.

  4. #4
    Senior Member alakhiyar's Avatar
    Join Date
    Dec 2006
    Location
    Land of Oryx
    Posts
    255
    I was wondering what a skiddie is myself.

    I learned something new every day:



    In computing, a script kiddie (occasionally script bunny, script kitty, script kiddo, "skidiot", skiddie or Victor Skill Deficiency (VSD) and even lamer) is a derogatory term for inexperienced hackers who use scripts and programs developed by others, without knowing what they are or how they work, for the purpose of compromising computer accounts and files, and for launching attacks on whole computer systems (see DoS). In general, they do not have the ability to write these kinds of programs on their own. Such programs have included WinNuke applications, Back Orifice, NetBus, Sub7, and Metasploit.

    http://en.wikipedia.org/wiki/Script_kiddies
    (\__/)
    (='.'=)
    (")_(")

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Yes, an attacker would need physical access, but that is exactly what you give a user is it not?

    It is question of degree of physical access though. It is quite easy to surreptitiously put in a CD, DVD, floppy or USB device. Attaching another computer or opening the case is a bit more obvious...........so there are levels of physical security.

    The interesting thing about this device is that it "lies" to the system and says it is a bootable CD/DVD. It does that right out of the box......... no modification required.

    on first analysis I guess that I would:

    1. lock the BIOS
    2. lock the case (physically)
    3. set the boot order to only boot from the HDD.


  6. #6
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Sigh, i am changing my settings now! And where is that key for my case.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  7. #7
    Senior Member PacketThirst's Avatar
    Join Date
    Aug 2004
    Posts
    258
    You have a nice point there nihil ! ... But, TurboLinux is making it sound like its "unstoppable" and "uber cool".
    According to Turbolinux, the idea behind the device is "to turn all the world's computer[s] into your PC."
    I don't think they are talking about physical access here ... lol !

  8. #8
    Senior Member alakhiyar's Avatar
    Join Date
    Dec 2006
    Location
    Land of Oryx
    Posts
    255
    interesting, wish I'd seen that a couple of weeks ago, as I had a customer recently ask me if our AV software would protect against script kiddies. I had no idea what he was on about!
    (\__/)
    (='.'=)
    (")_(")

  9. #9
    Member
    Join Date
    Mar 2007
    Location
    Noida
    Posts
    34
    Hi,
    I work for a small company called IndiaEsecure.com
    Recently we had a client who came to us regarding fears of his sensitive data (clientís financial records) being stolen form his computers by his own workers.
    Here are some measures we took, we removed all his cd rw, floppy drives and USB drives from the workers computer also removed internet access from windows. We installed Linux in it to allow internet access and removed the 'Fstab' from Linux. So now the user cannot access the fat partion in windows, and send the data as document.

    What we teach is this, if some one has physical access to a computer itís only a matter of time before you data is stolen.

    Like wise...if the Skidde has a physical access to the computer an even if the USB boot option is disabled and the bios is password protected, all he has to do is open the box, remove he battery ad whola!

    Well he could also use a Live CD for that (Backtrack) but then I guess that stealing data would again require a USB drive.

    You can also use Damn Small Linux to boot off a pen drive (9 MB only)

  10. #10
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    It isn't quite as simple as that.............. if the case is locked, BIOS is protected and you can only boot from the HDD, you would be forced to boot Windows and invoke its security policies.

    Also, just try going into an open plan work area and try taking a machine apart in front of everyone?

    I wasn't particularly thinking of stealing data either. Not a typical skiddie activity as I see it?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •