Generating and storeing keys on usb pen
Mark H. Wood
mwood at IUPUI.Edu
Thu Apr 26 14:43:33 CEST 2007
On Wed, Apr 25, 2007 at 01:52:41PM -0500, Robert J. Hansen wrote:
> > USB is a peer to peer protocol; it requires substantial computing
> > power on both ends of the connection. I'm just waiting for the first
> > virus which targets common USB drives; it would rip through colleges
> > and workplaces like wildfire.
>
> And then, literally minutes later, this crosses my desk:
>
> =====
>
> "Hackers debut malware loaded USB ruse"
...
> ... Moral of the story: be very careful where you go plugging your
> USB tokens into, recognize they are infection vectors and infection
> targets, recognize they can be compromised, and act accordingly.
Yes, that's something important to remember about any removable
storage medium. But the two situations are not equivalent. Placing a
trojan on a storage volume for someone to choose to run is not at all
the same as breaking into the logic of a device controller to plant
autonomous malware. What evidence do we have that USB controllers are
reprogrammable once they leave the factory?
--
Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20070426/b21e2cce/attachment-0001.pgp
More information about the Gnupg-users
mailing list