Monday, May 22, 2006

iPod: Another Threat?

Simson Garfinkel, writing at the CSO blog, points out some security problems posed by iPods:

A lot has been written about the threat of iPods, digital cameras and USB memory sticks to information security programs. Because all of these are basically high-capacity storage devices, they make it easy for thieves (whether insider or outsider) to slip into your organization, quickly download a bunch of confidential docs, and then slip out—and all the while, you thought that they were just enjoying some groovy tunes. Thieves can hide corporate secrets on the SD card of a digital camera, and if they want to be really sneaky, they can even delete the files so that the information won't show up during a casual inspection. Then, when they get home, they can use an "undelete" program to recover the secrets.


But there is another important threat that portable storage poses to today's information systems. Plug an iPod or USB stick into a PC running Windows and the device can literally take over the machine and search for confidential documents, copy them back to the iPod or USB's internal storage, and hide them as "deleted" files. Alternatively, the device can simply plant spyware, or even compromise the operating system. Two features that make this possible are the Windows AutoRun facility and the ability of peripherals to use something called direct memory access (DMA). The first attack vector you can and should plug; the second vector is the result of a design flaw that's likely to be with us for many years to come.

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home