Simply plugging in a device can potentially be a threat, Moose. I don't
know how realistic or severe at this point.
Having dealt with a significant infection problem with students' USB sticks
before Microsoft wised up and turned off autorun by default, I can imagine
the mess that could be potentially made of any school network by a problem
like this one. It's virtually impossible to get compliance from all
students, and they're incredibly good at connecting devices unobserved in
order to do what they want.
On Tue, Oct 7, 2014 at 12:35 PM, Moose <olymoose@xxxxxxxxx> wrote:
> On 10/7/2014 8:40 AM, Daniel Sepke wrote:
>
>> In my view I think we need to wait and see if there are actually any
>> documented exploits, outside of international governmental espionage, that
>> actually affect devices and what ones. It seems that while the problem that
>> has been discovered is potentially very wide reaching there is little
>> chance that anyone is actively using this particular vector effectively
>> yet. The technical skill to break into the actual code in the firmware
>> appears to be very high and different for each one.
>>
>
> I'm a bit bemused by all this. As others have noted, the bios on my
> computers allows me to choose both which devices may be booted from and in
> what order. I'm sure that I have never had a computer of mine boot from USB.
>
> I've been trying to remember for sure. It seems that I've almost never
> connected a USB device that I didn't buy new. The only exceptions I can
> think of are a couple of used film scanners.
>
> For many of us, certainly not all, this is probably not a meaningful
> danger. Knowing that it exists is useful, but hardly something to lose
> sleep over.
>
> What is not clear to me, for people in situations like Candace (Nice to
> hear from you!) is whether simply plugging a USB device in is a real threat
> - and I'm too lazy to read/view all the material to which links were posted.
>
> You Should Be Moose
>
> --
> What if the Hokey Pokey *IS* what it's all about?
>
> --
> _________________________________________________________________
> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
> Themed Olympus Photo Exhibition: http://www.tope.nl/
>
>
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
|