> Given the recent social engineering test with USB > devices left around > a credit-unions lobby I would disagree.
That "test" is suspect, as it doesn't provide nearly enough information. By default, Windows does not parse the "load=" or "run=" lines of an autorun.inf file from removeable media. So, the question is, what about the "test" got the users to run the Trojan on the USB devices? ------------------------------------------ Harlan Carvey, CISSP "Windows Forensics and Incident Recovery" http://www.windows-ir.com http://windowsir.blogspot.com ------------------------------------------ --------------------------------------------------------------------------- ---------------------------------------------------------------------------
