[cryptome] Re: airgepped computer?--not for long maybe.

  • From: doug <douglasrankine2001@xxxxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Thu, 04 Dec 2014 18:49:43 +0000

Hi Shaun & All,
Try keyword search: usb stick vulnerabilities...came up with a lot of stuff..

On 04/12/14 17:09, Shaun O'Connor wrote:
Ad to that, a report I read elsewhere( but stupidly failed to take note of the url) would seem to indicate that nigh on 50% ot usb sticks in circulation have known vulnerabilities but no one apparently knows which ones.



On 04/12/2014 16:18, Andrew Hornback wrote:
Coming a little late to the game here... but, wouldn't the products on this page (note: I'm not associated with this site or endorsing their products - it turned up as a result in a quick search via Google for TEMPEST) eliminate a good deal of this attack vector?


Reduce or eliminate the emissions from the systems and you've negated a good portion of the risk.

What's troubling from the Wired article is this - "Generally the most common method for infecting air-gapped machines is a USB flash drive or other removable media." Anyone who's ever done the least little thing with regards to ITSEC would know that once you lose physical control over a system, you're compromised. In an environment that requires an air-gap level of security and scrutiny, to allow removable media (especially USB drives) unfettered borderlines on the infinitely stupid.

--- A

On Mon, Nov 3, 2014 at 9:05 AM, Shaun O'Connor <capricorn8159@xxxxxxxxx <mailto:capricorn8159@xxxxxxxxx>> wrote:

    If people are using air-gapped computers in the mistaken belief
    that the system is secure. this article should send a shiver up
    their collective spines.



*_PRIVACY IS A BASIC RIGHT - NOT A CONCESSION _* https://www.eff.org/deeplinks/2014/11/when-time-comes-we-need-be-ready-fight-tpps-secret-anti-user-agenda

Other related posts: