wireless thumbdrive

[jlw]

http://www.sandisk.com/products/wireless/flash-drive/

I picked up one of these today. Looks like it will be quite useful.

[JHC]

Probably better than the original http://www.wired.com/2014/07/usb-security

[JV_]

USB was great when it came out, it's been a HUGE security issue for a number of years.

Russia tried to spy on the G20 summit by distributing infected USB drives and phone chargers.

DHS had projects where they planted USB thumb drives in the parking lot of government buildings just to see how many folks plug them in. When they're pretty, with logos and gold plating, almost 90% plugged them in ....

[TGS]

What's scary is that most people don't even realize how big of a risk they are.

I'm not even an IT guy, and I cringe when I hear people talking about passing them around to share media. Ideas floating around the tech guys at my workplace include automatic deactivation of a computer if a data sharing USB is plugged in without an admin password. Ditto for plugging in ethernet cables into private machines, ala DoD policy (at least when I was in).

I don't use them....so whatever. As long as I can still use my USB powered desk fan, I'm happy.

[RevolverRob]

Given the risks USB sticks are, an internet connection is, etc. It's pretty tough to imagine a world where any system that is linked to anything is safe, because frankly it isn't. I like the wireless thumbdrive, but it defeats the purpose of using an USB stick for most of what you need it for, which is moving files between machines that may not normally communicate. The number of folks using thumbdrives as backup devices is staggering to me, given that you can acquire a USB 1-2 terrabyte external harddrive for a bit more money and generate genuine, multiple daily/weekly/monthly backups.

I do like the wireless one for transferring files from something like an iPad, normally I can upload data I gather to a cloud server while traveling, but this would be useful for when I cannot use a secure network for that purpose.

-Rob

[mark7]

We use Goldkey 32 gb usb drives at work, they have hardware encryption and handle digital certificates.

https://www.goldkey.com/order-desk/

[JV_]

Those help with the security of the data at rest, but they still suffer from the same USB vulnerabilities as other drives.

[Bigguy]

Right at $4,000 for our Barracuda Web Filter, $3,000 for our Spam and Virus Firewall, and close to $1,000 per year on updated definitions. Can't tell you how thrilled I am about a thumb drive riding right past all of that in somebody's pocket right into our network. But they are not going away.
I keep both MSE and Avast on all our machines, but now there are firmware hacks that are not only almost undetectable by anti-virus software, but can infect any USB device on your platform. Mouse, keyboard, or any peripheral. If you detect that a computer is infected with a bad USB hack, that computer and every thing attached to it is now suspect. As the hack lives in firmware, it can't be directly detected or removed by anything currently on the market. And again, because the hack lives in firmware, not even nuke and paving the drive will clean it up. That machine and all peripherals simply has to come off the network and can't be used again.

EDIT: I tried to find the link I first found on this. I think it was a "Computer World" article. I didn't find that one, but here's another one that explains it pretty well.
http://arstechnica.com/security/2014...ces-turn-evil/

[JV_]

But they are not going away.

You need a corporate policy which disallows them, and then an AD GPO that disables removable media.

[Bigguy]

You need a corporate policy which disallows them, and then an AD GPO that disables removable media.

That will happen eventually, but only after some department goes down in flames with an infection, or it gets to be a popular buzz word in corporate circles.

On second thought I would be surprised if the The PCI Security Standards Council doesn't make it a requirement very shortly.