Pages:
Author

Topic: The safety of using USB sticks to transfer data from an offline machine - page 2. (Read 1646 times)

legendary
Activity: 1400
Merit: 1013
In what way does a write-protected USB stick prevent malware from spreading between the online and offline machines?
hero member
Activity: 900
Merit: 1014
advocate of a cryptographic attack on the globe
Stuxnet used a Windows USB stick 0day to propagate. So it is not unheard of.

Maybe a written CD is easier if it is fully written and has no more space to write? Or a USB stick with a read-only switch?

Write protect switches are advisory.  Many many years ago, some models of enterprise SCSI drives had write jumpers that physically disconnected power to the write/erase head.  Everything else should be taken to mean "please don't write on me".

Much safer is to use something like QR or a barcode, either on paper, or on a screen.  If using QR, care should be taken that you don't ever read them with clever software.  I use a scanner that simulates keystrokes.

What software do you use to produce the QR code and what scanner do you use?
hero member
Activity: 525
Merit: 531
use linux. every time destroy the filesystem on the stick, and recreate in a trusted/clean system.

Don't get me wrong, I agree a Linux based operating system would be a lot more secure, but, after all, it is a computer and could still be exploited.
yes, only a destroyed computer cant exploited  Cheesy

but some linux dont automount and autorun apps when a stick is inserted. you only get a sdX and it's easy do wipe everything from it.
full member
Activity: 238
Merit: 109
use linux. every time destroy the filesystem on the stick, and recreate in a trusted/clean system.

Don't get me wrong, I agree a Linux based operating system would be a lot more secure, but, after all, it is a computer and could still be exploited.
kjj
legendary
Activity: 1302
Merit: 1026
Stuxnet used a Windows USB stick 0day to propagate. So it is not unheard of.

Maybe a written CD is easier if it is fully written and has no more space to write? Or a USB stick with a read-only switch?

Write protect switches are advisory.  Many many years ago, some models of enterprise SCSI drives had write jumpers that physically disconnected power to the write/erase head.  Everything else should be taken to mean "please don't write on me".

Much safer is to use something like QR or a barcode, either on paper, or on a screen.  If using QR, care should be taken that you don't ever read them with clever software.  I use a scanner that simulates keystrokes.
hero member
Activity: 525
Merit: 531
use linux. every time destroy the filesystem on the stick, and recreate in a trusted/clean system.
hero member
Activity: 900
Merit: 1014
advocate of a cryptographic attack on the globe
Stuxnet used a Windows USB stick 0day to propagate. So it is not unheard of.

Maybe a written CD is easier if it is fully written and has no more space to write? Or a USB stick with a read-only switch?
newbie
Activity: 44
Merit: 0
Being a little bit paranoid, I've been wondering lately if there is any real risk when transferring files via USB stick from an online machine, to a machine that will always be offline, and the other way around.  For instance, if I'm using the offline Electrum wallet, and I want to make an offline transaction.  At some point the USB stick is going from my offline computer to my online one.  And then at another point that same USB is likely going to be put in the offline machine again.  Is there any way for some kind of virus/malware/spyware to get on that USB stick and get transferred to the offline machine, and then in turn get transferred back to the online machine?  Basically, my worry is that even though my netbook will always stay offline, is there any way for any data from it to be leaked via a USB stick, once that stick is put in an online computer?  Maybe I'm being a little too paranoid, but I'm not that much of a techie, and was hoping to hear from those that are on this issue.
Pages:
Jump to: