USB safety in an industry that likes to trade USB sticks

Reactions
117 4 0
#1
Hey all,

I never worried about this as much because I had a Mac, but I've recently switched back to a Windows machine at work, and I'm now a lot more concerned about how much my industry loves putting presentations on give-away USB sticks, which has some pretty obvious malware concerns. Aside from avoiding these giveaways as much as is humanly possible, does anyone have any specific recommendations on reasonably safe usage? If the answer is simply "run a virtual machine", does anyone have any recommendations?
 
Reactions
84 0 0
#2
Safest bet - never plug one in.
Second safest - always make sure everything is up to date (AV/Malware/etc), take a full backup of your important data and have it saved somewhere not connected to the PC - make sure all license keys and installs (if personal) or IT has backups of everything before plugging it in, then as soon as you do, scan the heck out it. Also, make sure it's not active on a network as to mitigate any viruses that go after network drives.

Alternatively, see (if you have an IT department) if IT would have a PC that can be rebuilt/reimaged and plug it in there first, then scan the heck out of it, or if they have a non-Windows PC to see what the contents are.

A virtual machine may work too, but you're still plugging it into a host PC, so that only mitigates it some.
 
Reactions
423 136 3
#3
Alternatively, see (if you have an IT department) if IT would have a PC that can be rebuilt/reimaged and plug it in there first, then scan the heck out of it, or if they have a non-Windows PC to see what the contents are.
IOW use someone else's computer :p

Seems like an excellent solution really. Test it out on a computer not attached to yours or even the network.
 
Reactions
1,154 299 12
#4
If the answer is simply "run a virtual machine", does anyone have any recommendations?
Unfortunately, the answer is NOT “Just run a virtual machine.” I only wish it could be that simple. Running a virtual machine WILL protect you from apps and such which autorun or which masquerade as legitimate content until launched/accessed, but a VM can only protect you from hazards which are contained within the data area of the drive, and there are so many other ways a USB drive can be prepared to make it attack your computer. There are devices which can mitigate these sorts of attacks, but they’re not a guarantee. There’s really only one way to ensure that evil USBs will not attack your computer, and that is to fill all your USB ports with hot glue or to somehow electrically disconnect them internally, because unless you can ensure that nobody but you ever has access to your computer, there’s always the chance that someone could poison it when you’re not looking.

So I guess the real lesson is... don’t plug anything into your computer that you don’t trust. Ever.

—Patrick
 
Reactions
399 161 3
#5
Keep a separate, old pc or laptop around just to check out these presentations, not connected to the internet or your network.
 
Reactions
1,154 299 12
#6
Keep a separate, old pc or laptop around just to check out these presentations, not connected to the internet or your network.
Trouble is, if a stick infects the USB firmware of the controller that's inside the computer, then every USB you plug into that computer going forward will be infected by the computer, so this only works if you test using a brand new, known uncompromised computer and then throw that computer away afterwards.

--Patrick
 
Reactions
117 4 0
#7
My IT felt has several layers of backups so that part isn’t too bad.

But the best option sounds like I should just ask someone else at the conference to email me the presentation, frankly.

Ah, well. Thanks, all!
 
Reactions
84 0 0
#10
Depending on the format of the presentation, you still aren't 100% safe with email or even P2P Wifi - many presentations can be infected with stuff as well, which is where a VM would be able to protect your main PC, or, again, an easily reinstalled separate from network PC to actually open it.
 
Reactions
413 218 1
#11
We used to get parts catalogs from some of our big vendors on USB sticks - almost 50% of them had trojans on them. It was such a hassle.
 
Reactions
651 119 1
#12
If your worry is the hardware of the USB and not the software, there are devices, usually a raspberry pi based device, that will copy the data from an unknown USB to a known one, so that the hardware never touches your machine
 
Reactions
146 49 0
#13
We used to get parts catalogs from some of our big vendors on USB sticks - almost 50% of them had trojans on them. It was such a hassle.
Wait, if they have Trojans on them aren't they safer? I mean, if you're going to plug it in anyway.
 
Top