USB Switchblade: analyzing a threat

Discussion in 'malware problems & news' started by Rmus, Dec 22, 2006.

Thread Status:
Not open for further replies.
  1. Rmus

    Rmus Exploit Analyst

    In another thread, Ice_Czar posted an article on malware, named USB Switchblade. Since further discussion of this would veer away from the original topic, I'm making a new thread.

    Articles like that one are frustrating because they give no details about how the exploit "gets into the system." No basis for analysis. So, you have to dig further.

    http://www.everythingusb.com/usb_switchblade.html
    End of threat. Or should be. What home user here has a personal computer that could be accessed by an unauthorized user?

    If corporate, same thing: can anyone else access your computer at work without your permission? (omitting someone taking it apart, etc.; also omitting what company policies permit monitoring, etc.).

    If, in some unusual circumstance, unauthorized access to your computer occurred, then:

    http://www.hacksafe.com.au/blog/2006/09/07/stealing-passwords-with-the-usb-switchblade/
    http://www.usbhacks.com/2006/10/07/usb-switchblade/
    Could someone insert a USB drive and run a program that wasn't already installed on your computer?
    Try it. Put a program from a friend's computer on a USB drive and see if it will run on yours. Just some little freeware that is a self-contained executable. If it runs, then that aspect of your security needs bolstering. See the "other anti-malware software" forum.

    If you analyze threats and take them back to the point at which they are installed, you find that the techniques haven't changed much, and can be dealt with in a logical way.

    regards,

    -rich

    ________________________________________________________________
    "Talking About Security Can Lead To Anxiety, Panic, And Dread...
    Or Cool Assessments, Common Sense And Practical Planning..."
    --Bruce Schneier
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Hello,
    Physical access = game over.
    Mrk
     