Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft device helps police pluck evidencefrom cyberscene of crime

From: "Michael Neal Vasquez" <mnv () alumni princeton edu>
Date: Wed, 30 Apr 2008 15:16:28 -0700
Can't help but think of the Group Policy that disables
usbstor.sys.(http://www.petri.co.il/disable_usb_disks_with_gpo.htm for
some info)

Surely that driver could be replaced (with some windows file
protection workarounds as well, obviously) that would perhaps prompt
before allowing the device to be mounted?  Require a PW to allow it to
be mounted?

Just a thought.  I'd think something along those lines though, would
disable this tool.


On Wed, Apr 30, 2008 at 2:17 PM, Rob Thompson
<my.security.lists () gmail com> wrote:


 What is really baking my noodle though - how do we protect ourselves
 from these?  Because, one pissed off employee with one of these things
 could put an organization into some deep crap, real quick like...

 We really need more information on these devices...


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: