Announcement

Collapse
No announcement yet.

ShmooCon 2011: USB Autorun attacks against Linux

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    ShmooCon 2011: USB Autorun attacks against Linux

    Presentation demonstrates how to defeat screensaver lock by plugging in a USB stick. The video is about 51 minutes long.

    http://youtu.be/ovfYBa1EHm4

    Some things to note:
    • The attack demonstrated is targeted at Gnome desktops, although there's nothing to say whether or not a similar attack could be crafted for KDE.
    • The presenter acknowledges he had to disable AppArmor to get his exploit to work.

    Welcome newbies!
    Verify the ISO
    Kubuntu's documentation
    Tags: None
    • Top
    • Bottom
    #2
    Re: ShmooCon 2011: USB Autorun attacks against Linux

    This is silly, IMHO. With physical access to a computer, OS security capabilities are irrelevant. The only thing that will offer some protection, in that case, is encryption on the (stolen) hard drive.

    Disclaimer: I am no security expert.
    • Top
    • Bottom

    Comment

      #3
      Re: ShmooCon 2011: USB Autorun attacks against Linux

      Originally posted by dibl
      With physical access to a computer, OS security capabilities are irrelevant.
      Correct, and mentioned in the video. Anyone with physical access to your PC has already pwned you.

      It isn't really silly when you consider that USB malware is quite common on other systems (i.e. Windows). I know that many Linux users don't believe in Linux malware, but I don't believe in the head in the sand approach to security. Better for admins to understand potential risks than to pretend they don't exist.
      Welcome newbies!
      Verify the ISO
      Kubuntu's documentation
      • Top
      • Bottom

      Comment

        #4
        Re: ShmooCon 2011: USB Autorun attacks against Linux

        Originally posted by Telengard
        Better for admins to understand potential risks than to pretend they don't exist.
        Right -- that is true enough. But really, all an IT organization can do is ban USB sticks from the premises (which doesn't necessarily prevent their infiltration ...), or else go back to dumb terminals with no USB connectivity. Hmmmm -- 1965 all over again! USB sticks are in fact forbidden from being brought into many defense-related facilities in the U.S., to my knowledge -- more due to their potential to create security and export-control breaches via unauthorized information transfer, than to prevent compromises on the internal computers.
        • Top
        • Bottom

        Comment

          #5
          Re: ShmooCon 2011: USB Autorun attacks against Linux

          Originally posted by dibl
          But really, all an IT organization can do is ban USB sticks from the premises (which doesn't necessarily prevent their infiltration ...), or else go back to dumb terminals with no USB connectivity.
          But USB memory sticks aren't the only security risk related to physical access. Consider this article about a real life event:

          Hardware keyloggers discovered at public libraries

          Hmmmm -- 1965 all over again!
          The inherent security of such old fashioned systems is not something to be scoffed at IMHO. Another advantage is that the limitations of dumb terminals prevents employees from playing on Facebook and Twitter.
          Welcome newbies!
          Verify the ISO
          Kubuntu's documentation
          • Top
          • Bottom

          Comment

          Previous template Next
          Working...
          X