lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sun, 12 Jun 2005 23:34:11 -0400
From: Abe Usher <abe.usher@...rp-ideas.net>
To: bugtraq@...urityfocus.com
Subject: reconsidering physical security: pod slurping


pod slurping
------------

I've written a report that explores an idea that has been known by the 
security community for decades: physical security is important to 
information system security.

A year ago a report was published by the Gartner Group warning that 
iPods <http://www.apple.com/ipod/> (and other multi-gigabyte portable 
storage devices) pose a security risk for enterprises 
<http://www.infoworld.com/article/04/07/06/HNipodsrisk_1.html>. I've 
created an application (*slurp.exe*) that demonstrates this concept. 
When the program is run from an iPod, it can __very__quickly__  copy 
thousands of  interesting files* from a PC to an iPod.

The full article and proof-of-concept application are available at:
http://www.sharp-ideas.net

Cheers,
Abe Usher, CISSP

* Office documents, *.pdf,*.xml, *.dbf, *.log, *.dat, *.txt, *.csv, 
*.htm, *.url, et cetera

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ