Generating and storeing keys on usb pen

Mark H. Wood mwood at IUPUI.Edu
Thu Apr 26 14:43:33 CEST 2007

On Wed, Apr 25, 2007 at 01:52:41PM -0500, Robert J. Hansen wrote:
> > USB is a peer to peer protocol; it requires substantial computing
> > power on both ends of the connection.  I'm just waiting for the first
> > virus which targets common USB drives; it would rip through colleges
> > and workplaces like wildfire.
> And then, literally minutes later, this crosses my desk:
> =====
> "Hackers debut malware loaded USB ruse"


> ... Moral of the story: be very careful where you go plugging your  
> USB tokens into, recognize they are infection vectors and infection  
> targets, recognize they can be compromised, and act accordingly.

Yes, that's something important to remember about any removable
storage medium.  But the two situations are not equivalent.  Placing a
trojan on a storage volume for someone to choose to run is not at all
the same as breaking into the logic of a device controller to plant
autonomous malware.  What evidence do we have that USB controllers are
reprogrammable once they leave the factory?

Mark H. Wood, Lead System Programmer   mwood at IUPUI.Edu
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20070426/b21e2cce/attachment-0001.pgp 

More information about the Gnupg-users mailing list