I spoke at this year’s Code Camp (2014) on you know what, Cortana. đ
Here’s the easy link to the presentation materials.
#TallyCC
Month: October 2014
Itâs time to let USB drives go the way of the DodoâŚ
⌠because they are insecure in a fundamental way that currently isnât defendable or fixable.
UPDATE: I’ve edited the section dealing with alternatives after some further research.
Hereâs the background:
Worse yet, you see in Article #2 above that the exploit is IN THE WILD AND FREELY AVAILABLE.
So what are we supposed to do? The alternatives are simple:
- Use Cloud services.
– Such as OneDrive, Dropbox, Box, Google Drive, etc.
– The downside is that you have to be connected and allowed to reach that service to get your files. - Use other storage media.
– The SD card family (standard, mini, micro, etc).
– The first downside is that SD cards arenât supported by everything.
– The second downside is that, hands down, USB is the current ruler of connected media.
– The third downside is that SD cards also have a controller chip inside and eventually those might be co-opted like the USB controller chips have. - Use storage media that has a different physical interface.
– FireWire is a good example.
– Unfortunately, the same issue exists here because drives using this cable standard have controller chips too. - Use storage media that ha no physical interface.
– WiFi Drives are currently a decent alternative but are not intuitive enough for everybody, and open up a whole different can of worms.
If these things arenât feasible then you can still purchase brand new drives from âbig boxâ stores (BestBuy, TigerDirect, etc.). Just be aware that youâre potentially in the same boat as if you had an infected USB drive. Infected drives infect the machines they are plugged into, and infected machines infect USB drives that are plugged into them. As of right now thereâs simply no âprotectionâ for this type of infection.
Thoughts from "him" 