I probably did miss the point. What I meant was, if it is about
*protecting* USB sticks from being tampered with, this can be done by
encrypting them so that a password must be entered before they can be
accessed at all. Obviously this won't work if the malware is present
before the USB is encrypted, or if the USB's firmware has itself been
corrupted, or if a non-encrypted USB can be plugged in. Formatting it
and then shredding its free space (e.g. via PGP or Symantec's Norton
Utilities etc.), or erasing all its contents (via PGP), should get rid
of any uploaded malware data - if the USB's firmware has not itself been
corrupted. Perhaps I am still missing the point ... 8-(
David Stokes wrote:
CM Poncelet wrote: Encrypt USBs with PGP and make them ISO-bootable, or use Aladdin eTokens
I think you missed the point re. the actual technical issue. But it's not a
bug, it's a feature. That's how USB has always worked. Pretty well anything you
plug into a computer might cause havoc. A News Site exaggerating as usual. Just
don't pass USB sticks around at a party.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
