[ale] Usb Autorun Attacks Against Linux At Shmoocon 2011
Michael H. Warfield
mhw at WittsEnd.com
Fri Mar 11 17:51:21 EST 2011
On Fri, 2011-03-11 at 12:15 -0500, Ron Frazier wrote:
> I had been meaning to turn off autorun on my Linux systems anyway. You
> can do this from the Nautilus file browser. Go to edit, preferences,
> media. At the top, there are a number of individual media items that you
> can set to "do nothing". At the bottom is a drop down of lesser used
> media. For each one of these, you have to set a corresponding drop down
> below to "do nothing". There is no way to see all these options at once.
> After I save these, I go back in and check the "Never prompt or start
> programs on media insertion" checkbox just to be sure everything is off.
Yes yes yes...
Autorun == Evil in all forms.
At one time, Microsoft's Autorun was referred to as the "greatest
unpatched vulnerability that continues to exist after years in Windows".
They only recently forced the default to "off" for everything except
DVD's and CD's blithly ignoring the fact that CD-RWs / DVD+-RWs / U3 USB
CD partitions are all writable and, as a consequence, all exploitable
(do a google search on "evil USB key" and you will eventually find a
package for U3 enabled USB keys from years ago but it will be a long
search). They don't learn ("But it's a feature the users want.") and
unfortunately our community (who are not all security savey by any
means) are bound to emulate what is bad as well as what is good. Sigh.
We're not immune. Don't let anyone kid you. We are NOT immune.
> Ron
> On 03/11/2011 10:45 AM, Ron Frazier wrote:
> > I just ran across this after Steve Gibson mentioned it. It's a video you guys might like to see. I haven't had time to see all of it yet.
> > It looks pretty good after a few minutes.
> >
> >
> > Usb Autorun Attacks Against Linux At Shmoocon 2011
> >
> > http://www.securitytube.net/video/1393
> >
> > Sincerely,
> >
> > Ron
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20110311/4b8f818e/attachment.bin
More information about the Ale
mailing list