Penetration Testing mailing list archives

RE: Hacking USB Thumbdrives, Thumprint authentication

From: "John Deatherage" <john () dtiserv2 com>
Date: Mon, 26 Jan 2004 13:39:45 -0800

Trek doesn't have a product manual up yet for the ThumbDrive touch, but it
does at least support two-factor authentication.  For basic three factor
authentication (we're making a best effort here), the "something you have"
would have to be the drive itself.  If people leave these stuck in their
laptops, they have to understand that it's like leaving your ATM card
sticking out of the slot.  Anyone that knows the setup is looking for your
bio and password can initiate a targeted attack.

After looking at their webpage, I was reminded that these things are
bootable devices.  Just a reminder to turn off all but local HD in boot
order in BIOS and implement a BIOS password.  Before deploying these at a
client, I would make sure that something like this in place... unless you
want another pen tester to use the drives against them ;)

-----Original Message-----
From: m e [mailto:mje () list intersec com] 
Sent: Saturday, January 24, 2004 9:31 PM
To: pen-test () securityfocus com
Subject: Hacking USB Thumbdrives, Thumprint authentication




I'm interested in research regarding hacking USB drives
unlocked with a thumbprint

http://www.thumbdrive.com/prd_info.htm

Or any thumbprint biometric hacking.

Client is considering USB drives to offload laptop data 
and at first glance seems like a better solution
than keeping sensitive data on laptops. Encryption software
on laptops requires more password management and software
hassles. The above device has no software drivers to install
so deployment headaches are minimized with (what seems) like
better security (obviously not maximum security) at low
deployment cost.

I'm guessing one can take the flash chip off the device
and plug into regular USB drive. Or rewrite the thumbprint hash.
Or hacks to fool the drivers. Or reverse engineer the
login program to always return "Yes".

Thanks,
dreez
mje () secev com





---------------------------------------------------------------------------
----------------------------------------------------------------------------




---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Hacking USB Thumbdrives, Thumprint authentication m e (Jan 25)
- Re: Hacking USB Thumbdrives, Thumprint authentication Craig Pringle (Jan 26)
- Re: Hacking USB Thumbdrives, Thumprint authentication Job de Haas (Jan 26)
- RE: Hacking USB Thumbdrives, Thumprint authentication John Deatherage (Jan 26)
- Re: Hacking USB Thumbdrives, Thumprint authentication Walter Williams (Jan 27)
- RE: Hacking USB Thumbdrives, Thumprint authentication Rob Shein (Jan 27)
- <Possible follow-ups>
- RE: Hacking USB Thumbdrives, Thumprint authentication Deras, Angel R./Information Systems (Jan 26)
  - Re: Hacking USB Thumbdrives, Thumprint authentication Volker Tanger (Jan 27)
- Re: Hacking USB Thumbdrives, Thumprint authentication m e (Jan 27)
  - RE: Hacking USB Thumbdrives, Thumprint authentication Rob Shein (Jan 27)
    - RE: Hacking USB Thumbdrives, Thumprint authentication sil (Jan 27)
  - RE: Hacking USB Thumbdrives, Thumprint authentication Jerry Shenk (Jan 27)
- RE: Hacking USB Thumbdrives, Thumprint authentication Atul Porwal (Jan 27)
- RE: Hacking USB Thumbdrives, Thumprint authentication Herbold, John W. (Jan 27)

(Thread continues...)