Topic: The safety of using USB sticks to transfer data from an offline machine - page 2. (Read 1630 times)
December 05, 2013, 02:36:48 PM
In what way does a write-protected USB stick prevent malware from spreading between the online and offline machines?
December 05, 2013, 11:37:56 AM
Stuxnet used a Windows USB stick 0day to propagate. So it is not unheard of.
Maybe a written CD is easier if it is fully written and has no more space to write? Or a USB stick with a read-only switch?
Maybe a written CD is easier if it is fully written and has no more space to write? Or a USB stick with a read-only switch?
Write protect switches are advisory. Many many years ago, some models of enterprise SCSI drives had write jumpers that physically disconnected power to the write/erase head. Everything else should be taken to mean "please don't write on me".
Much safer is to use something like QR or a barcode, either on paper, or on a screen. If using QR, care should be taken that you don't ever read them with clever software. I use a scanner that simulates keystrokes.
What software do you use to produce the QR code and what scanner do you use?
December 05, 2013, 11:00:17 AM
use linux. every time destroy the filesystem on the stick, and recreate in a trusted/clean system.
Don't get me wrong, I agree a Linux based operating system would be a lot more secure, but, after all, it is a computer and could still be exploited.
but some linux dont automount and autorun apps when a stick is inserted. you only get a sdX and it's easy do wipe everything from it.
December 05, 2013, 10:22:34 AM
use linux. every time destroy the filesystem on the stick, and recreate in a trusted/clean system.
Don't get me wrong, I agree a Linux based operating system would be a lot more secure, but, after all, it is a computer and could still be exploited.
December 05, 2013, 10:20:33 AM
Stuxnet used a Windows USB stick 0day to propagate. So it is not unheard of.
Maybe a written CD is easier if it is fully written and has no more space to write? Or a USB stick with a read-only switch?
Maybe a written CD is easier if it is fully written and has no more space to write? Or a USB stick with a read-only switch?
Write protect switches are advisory. Many many years ago, some models of enterprise SCSI drives had write jumpers that physically disconnected power to the write/erase head. Everything else should be taken to mean "please don't write on me".
Much safer is to use something like QR or a barcode, either on paper, or on a screen. If using QR, care should be taken that you don't ever read them with clever software. I use a scanner that simulates keystrokes.
December 05, 2013, 09:52:01 AM
use linux. every time destroy the filesystem on the stick, and recreate in a trusted/clean system.
December 05, 2013, 09:27:56 AM
Stuxnet used a Windows USB stick 0day to propagate. So it is not unheard of.
Maybe a written CD is easier if it is fully written and has no more space to write? Or a USB stick with a read-only switch?
Maybe a written CD is easier if it is fully written and has no more space to write? Or a USB stick with a read-only switch?
December 05, 2013, 09:18:41 AM
Being a little bit paranoid, I've been wondering lately if there is any real risk when transferring files via USB stick from an online machine, to a machine that will always be offline, and the other way around. For instance, if I'm using the offline Electrum wallet, and I want to make an offline transaction. At some point the USB stick is going from my offline computer to my online one. And then at another point that same USB is likely going to be put in the offline machine again. Is there any way for some kind of virus/malware/spyware to get on that USB stick and get transferred to the offline machine, and then in turn get transferred back to the online machine? Basically, my worry is that even though my netbook will always stay offline, is there any way for any data from it to be leaked via a USB stick, once that stick is put in an online computer? Maybe I'm being a little too paranoid, but I'm not that much of a techie, and was hoping to hear from those that are on this issue.
Jump to: