-
July 11th, 2010, 09:10 AM
#1
Hello everyone 
Very interesting indeed. Now I have a nooby question regarding this. Would this threat affect 'any' OS by default? Or would it be like viruses, that have to be individually created for a specific OS? This also might be affected by what kind of data is to be collected (hence a NIC might be different from a keyboard) etc....
Bottom line (to be a bit selfish here), would a slackware system be affected by the contents of this article, or would it have to be a very custom hardware device specifically 'for' slackware?
In addition... what do you folks recommend as a countermeasure?
Cheers.
Ubuntu-: Means in African : "I'm too dumb to use Slackware"
-
July 11th, 2010, 11:14 AM
#2
Plug n Play is the main culprit. As long as you are not running that, you should be okay. Slackware by default does not have PnP running I do believe.
-
July 11th, 2010, 03:18 PM
#3
Hmmmmm,
Most of the answer is physical security and vigilance. For a human interface device you should notice that it has been substituted by a new one? And it would be nearly impossible to exactly match the individual characteristics that they soon pick up. Also a lot of my stuff would be hard for an attacker to find, either because of its age or obscure manufacturer.
As we are talking about hardware and firmware, then anything that will run on your system or in your environment will also run the malware as soon as it gets recognised by the BIOS. The mitigation here would be that as you are not running FAT* or NTFS, it probably wouldn't be able to do much, unless it can phone home or you have poor physical security that lets people at your systems unattended and with the ability to launch bootable media.
My basic point is that we are talking about the hardware level interface here, not the OS/application (user) level one, so Slackware won't protect you, even by obscurity.
A great mitigation is the fact that malware authors are percentage players and always go for the low hanging fruit. Most of the attacks we are discussing (apart from PnP) are just too much effort for them IMO.
Mostly I guess that this sort of stuff belongs in the realms of theoretical research, rather than real life, but I would be slightly more wary of publicly accessible systems nowadays?
Just my £0.01