funsec mailing list archives
RE: Why iPods at Work are bad...
From: "Todd Towles" <toddtowles () brookshires com>
Date: Wed, 25 Jan 2006 16:31:52 -0600
Yet another reason why you don't allow iPod at work. http://reviews.cnet.com/4520-3513_7-6423090-1.html?tag=cnetfd.ld1 "Better yet, iPods also remember where data came from. Say you used a computer at work to copy a large, top-secret program to your iPod to take home. Coding within the file would tell investigators not only what machine (MAC address) but also what operating system (though file format also tells them that) and username was used. So if incriminating evidence is found on your iPod, they can connect it to a crime scene." They are almost impossible to santize when you are done with the device. For now..lol -Todd
-----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of D'Aloisio, Marc Sent: Wednesday, January 25, 2006 9:05 AM To: xyberpix () xyberpix com Cc: FunSec [List] Subject: RE: [funsec] Ideas for an iPod shuffle?? Might be able to be done with XP and autoplay - When I plug my USB jumpdrive into an XPPro machine, it gives me the option to autoplay. Maybe I'll try when I get a chance. Marc D'Aloisio, CISSP Network Security Analyst; Security Incident Response State of Connecticut - Department of Information Technology -----Original Message----- From: Xyberpix [mailto:xyberpix () xyberpix com] Sent: Wednesday, January 25, 2006 09:36 To: 'xyberpix'; D'Aloisio, Marc Cc: 'FunSec [List] ' Subject: RE: [funsec] Ideas for an iPod shuffle?? On Wed Jan 25 14:14 , 'D'Aloisio, Marc' <Marc.DAloisio () ct gov> sent:You could always put your forensic and analysis tools on it - I don't know much about the iPod Shuffle, but using regular USB drives - including many MP3 players, this is a very convenient way to have the tools available. The only issue is that I have not found agood way towrite protect the device to prevent damage or infection of the items contained on it.Already got a 1GB USB flash drive purely for that reason, so that's a no go.As far as hacking, just create a folder on it called 'stuff I stolefromwork' like in the ad, connect up to your work PC, and start copying. We'll read about you in the paper.Hehe, don't like the idea of being in the papers, but does anyone know of, or have any tools for a PoC here at work, that I could use to do the following: - Plug iPod shuffle into a PC - The iPod should then automatically copy everything from say "My Documents" or any other specified folder to itself. This should happen in the background, no hints that it's going on. - That's it. I've been looking for something like that for a while now, and this could be the perfect thing, as I've yet to prove that this is a risk to certain people here at work. xyberpix _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: Why iPods at Work are bad... Todd Towles (Jan 25)
- Re[2]: Why iPods at Work are bad... Pierre Vandevenne (Jan 25)
- Re[2]: Why iPods at Work are bad... Pierre Vandevenne (Jan 25)
- <Possible follow-ups>
- RE: Re[2]: Why iPods at Work are bad... Todd Towles (Jan 26)
- Re[4]: Why iPods at Work are bad... Pierre Vandevenne (Jan 26)
- RE: Re[4]: Why iPods at Work are bad... Todd Towles (Jan 26)