Wednesday, August 13, 2003

Flash 'Keychain' drives - The latest big-time security risk

Although the advent of things like Zip disks and CD burners definitely moved the floppy disk drive toward its grave, the flash-memory-based 'keychain' drives are going to be the final nail in its coffin. In fact, the only major advantage that floppy drives had over the keychain drives was that you couldn't boot off of a keychain drive. But that's about to change.

C|Net reported today that M-Systems - maker of its own DiskOnKey brand and white-label supplier for the likes of HP and IBM - has announced that it has developed a bootable version of its increasingly popular USB drive. This feature also adds to the ability of some of these systems to automatically run an application when they are plugged into a computer. This could lead to all sorts of trouble. Let's talk in the hypothetical for a second:

John Doe works for SomeTech, in their IT dept. He has configured laptops for all of their consultants and has set up special 'backup and rescue' versions of these drives that a) initiate a backup of certain directories when plugged in, and b) allow a rescue boot of a computer when it crashes.

John gets fired. The system administrators have revoked all of his account privileges, and he can't access their computers from home. What does a disgruntled employee do? John recruits a friend to get his 'resume' off his old machine. All his friend needs to do is stick a USB drive into John's old computer and then retrieve it the next day. What John's friend doesn't know is that the USB drive is programmed to reboot John's old computer, take over the system, and allow John unfettered access to both it and the rest of the network. By the time his old bosses know what has happened, it's too late.

...and that is only the beginning.
