Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Gumming Up Your USB Drive: How and Why

    By
    Eric Lundquist
    -
    April 13, 2006
    Share
    Facebook
    Twitter
    Linkedin

      What happens when the data on your lost USB drive could get someone killed? Thats the question raised by the staggering and troubling lead story in April 13s L.A. Times.

      In that story, L.A. Times Staff Writer Paul Watson explains how for $40 an L.A. Times reporter bought a gigabytes worth of apparently sensitive American intelligence data on a flash memory drive being openly sold outside a major U.S. base in Afghanistan.

      The information, if authentic, obviously could be deadly if it fell into the wrong hands.

      Why was the data available for download to a flash drive? Why wasnt the data encrypted? Why werent the ports locked down on whatever system stored the original data? All good and compelling questions, and ones that raise fundamental issues about how the military handles security information in a war zone.

      /zimages/2/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

      Im sure Watson and the U.S. intelligence establishment will delve deeper into how flash drives allegedly containing names, locations and contact information of individuals working with coalition forces became bazaar sale items.

      While those investigations continue, what can be done to prevent further information from being traded outside the Bagram air base? And what can you do to lock down information that can seep from your USB ports?

      Recently, I wrote a security guide for laptop users, which was spurred by a news story on a lost laptop that contained financial information for a large group of Hewlett-Packard employees. The guide drew a lot of response, including from a few readers who pointed to a recent news story about coffee drinkers getting their laptops swiped from under them as they sipped their lattes in San Francisco.

      But if a laptop containing your love letters gets swiped, thats one thing (although in one case it seems the swiping included a stabbing), while losing your contact information regarding informants in wartime is to experience a whole other, and deadly, level of cyber-crime. As a follow-on to Watsons story, what follows is a quick guide regarding how to lock down your computer, your data and your USB ports.

      Lock down your computer.

      I had a few readers point out that in security, often the simplest solution is the best. If your computer (and in particular your laptop) is locked to the leg of the desk, you are moving the possibility of theft to the most dedicated and brazen thief. This is the bicycle lock theory that only the more professional and well equipped bicycle thief will be willing to cut your bike lock.

      The most underused slot on your computer is the security slot, also called the Kensington security slot. For about $40 you can get a cable to lock down your laptop. Thats cheap insurance.

      Lock down your data.

      I dont know where to begin on this one. If you had some data that could result in someones death if it fell into the wrong hands, wouldnt you take care of it? Even making allowance for wartime contingencies, the lack of reliable data networks and the need to distribute information quickly to a widely dispersed group, you need to make sure your data is at least password-protected.

      I went into this in my guide mentioned above, but creating a password-protected folder is the most basic step, which should be followed by encryption. I also said it is a good idea to separate the data from the computer, and mentioned USB devices as one method. But, and it is a big but, using a USB does not absolve you from protecting the data via passwords (for the drive as well as the data) and making sure that USB drive never lies around unprotected.

      Lock down your drive.

      You can lock down your computers to make the USB drives unavailable. You can do this via the operating system, although you will be fiddling around with the registry entries, which can lead to all sorts of computer problems. If you still want to try this route, here is a link to Microsofts instructions for turning off USB access.

      If you want to avoid the risk of messing up your registry (which would probably mean having to reinstall the entire operating system), you can use a utility to manage your USB ports. Several companies make utilities that can allow you to manage individual ports, or just shut down all the ports until you get your security issues squared away. Two examples:

      • Safend
      • Device Lock

      So, you are in some remote place and you need to shut down your USB ports and you dont want to become an operating system software engineer and you arent going to download some utility and hope it works. You can always use glue or chewing gum.

      If you look at the business end of a USB drive before you insert it into your laptop, you see a small rectangular opening with four metal tracks for data transfer. Those tracks and tight connection are what make USB drives (including that iPod!) so fast at data transfer. Mess up the connection and you mess up the data transfer.

      Just as the Kensington cable lockdown is a simple but effective laptop security device, so is messing up the USB port. I will say that a USB port once properly messed up will probably always be messed up. Glue strikes me as something that will keep that port permanently shut off from the outside world. Gum would be faster, but I suppose a dedicated degumming operation would eventually get it back in shape. Screws or other metal stuck in the port will probably get you into trouble with the electronic innards of your system.

      Im looking for other suggestions.

      eWEEK magazine editor in chief Eric Lundquist can be reached at [email protected]

      /zimages/2/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Avatar
      Eric Lundquist
      Since 1996, Eric Lundquist has been Editor in Chief of eWEEK, which includes domestic, international and online editions. As eWEEK's EIC, Lundquist oversees a staff of nearly 40 editors, reporters and Labs analysts covering product, services and companies in the high-technology community. He is a frequent speaker at industry gatherings and user events and sits on numerous advisory boards. Eric writes the popular weekly column, 'Up Front,' and he is a confidant of eWEEK's Spencer F. Katt gossip columnist.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×