RE: Why iPods at Work are bad...

["Todd Towles" <toddtowles () brookshires com>]

Yet another reason why you don't allow iPod at work.

 http://reviews.cnet.com/4520-3513_7-6423090-1.html?tag=cnetfd.ld1

"Better yet, iPods also remember where data came from. Say you used a
computer at work to copy a large, top-secret program to your iPod to
take home. Coding within the file would tell investigators not only what
machine (MAC address) but also what operating system (though file format
also tells them that) and username was used. So if incriminating
evidence is found on your iPod, they can connect it to a crime scene."

They are almost impossible to santize when you are done with the device.
For now..lol

-Todd


> -----Original Message-----
> From: funsec-bounces () linuxbox org 
> [mailto:funsec-bounces () linuxbox org] On Behalf Of D'Aloisio, Marc
> Sent: Wednesday, January 25, 2006 9:05 AM
> To: xyberpix () xyberpix com
> Cc: FunSec [List] 
> Subject: RE: [funsec] Ideas for an iPod shuffle??
>
> Might be able to be done with XP and autoplay - When I plug 
> my USB jumpdrive into an XPPro machine, it gives me the 
> option to autoplay.
> Maybe I'll try when I get a chance.
>
> Marc D'Aloisio, CISSP
> Network Security Analyst; Security Incident Response State of 
> Connecticut - Department of Information Technology
>
> -----Original Message-----
> From: Xyberpix [mailto:xyberpix () xyberpix com]
> Sent: Wednesday, January 25, 2006 09:36
> To: 'xyberpix'; D'Aloisio, Marc
> Cc: 'FunSec [List] '
> Subject: RE: [funsec] Ideas for an iPod shuffle??
>
>
> On Wed Jan 25 14:14 , 'D'Aloisio, Marc' <Marc.DAloisio () ct gov> sent:
>
> > You could always put your forensic and analysis tools on it - I don't
> > know much about the iPod Shuffle, but using regular USB drives -
> > including many MP3 players, this is a very convenient way to have the
> > tools available.  The only issue is that I have not found a 
> good way to
> > write protect the device to prevent damage or infection of the items
> > contained on it.
>
> Already got a 1GB USB flash drive purely for that reason, so 
> that's a no
> go.
>
> > As far as hacking, just create a folder on it called 'stuff I stole
> from
> > work' like in the ad, connect up to your work PC, and start copying.
> > We'll read about you in the paper.
>
> Hehe, don't like the idea of being in the papers, but does anyone know
> of, or
> have any tools for a PoC here at work, that I could use to do the
> following:
>
> - Plug iPod shuffle into a PC
> - The iPod should then automatically copy everything from say "My
> Documents" or
> any other specified folder to itself. This should happen in the
> background, no
> hints that it's going on.
> - That's it.
>
> I've been looking for something like that for a while now, and this
> could be the
> perfect thing, as I've yet to prove that this is a risk to certain
> people here at
> work.
>
> xyberpix
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.