interesting to see the range of opinions in the NS articles' comments,
regarding the 'rights and wrongs' of the reaearch being disclosed.
On 04/07/2010, Anton Piatek <anton@???> wrote:
> On 3 July 2010 17:17, Dr A. J. Trickett <adam.trickett@???> wrote:
>>
>>> One [1] suggests that USB hardware can be used as a Trojan horse to
>>> steal your data.
>>
>> It's possible. Though there are probably easier ways to steal data.
>
> I was wondering about this - but what device would it have to identify
> as in order to have a driver load that reads data from the OS? Surely
> the security flaw here is purely with any drivers that allow a USB
> device to read system activity. I would hope any device that has such
> drivers would need to be explicitly configured after plugging in...
>
> If you wanted to hack something by plugging in a USB device, then
> surely nobody will notice an extra USB dongle hanging out the back of
> their PC (A colleague at work certainly didn't notice the extra mouse
> going to the next desk, which allowed weeks of fun as you "tweak" his
> computer usage by occasionally moving his mouse around or scrolling
> unexpectedly)
>
> Anton
> --
> Anton Piatek
> email: anton@???
> blog/photos: http://www.strangeparty.com
> pgp: [74B1FA37] (http://www.strangeparty.com/anton.asc)
> fingerprint: 7401 96D3 E037 2F8F 5965 A358 4046 71FD 74B1 FA37
>
> No trees were destroyed in the sending of this message, however, a
> significant number of electrons were terribly inconvenienced.
>
> --
> Please post to: Hampshire@???
> Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
> LUG URL: http://www.hantslug.org.uk
> --------------------------------------------------------------
>
--
regards,
Victor Churchill
The Software Shack, Ltd
