Tom Metro wrote:
Something like a USB Rubber Ducky could help implement this:
https://hakshop.myshopify.com/collections/usb-rubber-ducky/products/usb-rubber-ducky-deluxe
A pass phrase can be stored on them, and it'll replay it with the press
of a button.
...
With the discovery that you
Richard Pieri wrote:
Backblaze is near line storage: they fill up disks to capacity, spin
them down...
I believe they actually have a mix of usage scenarios. No doubt they
have some systems that operate as you describe, while others are more
like front line storage.
If this was not the case,
On Mon, Oct 06, 2014 at 03:06:44AM -0400, Tom Metro wrote:
If these drives look like an ordinary USB storage drive when first
attached, I wonder what they are using as a trigger to have them switch
into malicious keyboard mode? I don't think it can pose as both
simultaneously. The switch might
On 10/6/2014 3:06 AM, Tom Metro wrote:
If these drives look like an ordinary USB storage drive when first
attached, I wonder what they are using as a trigger to have them switch
They don't switch. A USB device can be only one kind (class) of device
at a time. This is set when the device is
It is, however, not difficult to have a USB device reset itself and then
change its answer when re-initialized.
*Drew Van Zandt*
On Mon, Oct 6, 2014 at 11:06 AM, Richard Pieri richard.pi...@gmail.com
wrote:
On 10/6/2014 3:06 AM, Tom Metro wrote:
If these drives look like an ordinary USB
On 10/6/2014 11:13 AM, Drew Van Zandt wrote:
It is, however, not difficult to have a USB device reset itself and then
change its answer when re-initialized.
USB doesn't work that way. Neither does BadUSB. If you flash a BadUSB
custom firmware to a USB device then that device becomes what you
Rich, I have designed hardware for several USB devices that can, in fact,
work that way. The USB VID/PID are just registers, they can be rewritten,
and kicking your own reset line is easy in most cases.
I'm not saying arbitrary USB devices can do this, I'm saying it is
trivially easy to design a
So, I'm kind of amazed there's still no fix for this, that I can find. I'd
like to know what you guys think...
In Ubuntu Server 14.04, straight out of the box (or fully updated), there's a
massive rash of errors in the apparmor profile files.
To put all apparmor profiles into enforce mode,
Last week I posed the question of how to set up full-disk encryption for a
small LAN, with central key management (for forgetful people like myself).
Today's marketplace faces a chicken-and-egg problem: users think encryption is
difficult so they've pretty much decided not to use it, vendors don't
