
Security Focus

Hacksaw Cuts Road Warriors

8/10/2007

After checking into the conference hotel two days early, I proceeded to the hotel's business center, where I briefly plugged my USB flash drive into each of the computers available to guests. I then returned to my room to prepare for an evening on the town. The next morning I checked out of the conference hotel and checked into a nearby hotel, because many of the arriving conference attendees might recognize me as the CTO of their primary competitor. That evening I began checking a bogus e-mail account that I had set up earlier, and, sure enough, data was beginning to come in. By the second day it was pouring in so fast it was hard for me to keep up. The contents of any USB flash drive plugged into any of the computers in the business center at the conference hotel were being sent to me. I quickly trashed items such as family photos, music and spreadsheets of personal investments. By the end of the conference I had gigabits of confidential information from my company's top competitor.

Fortunately, the preceding paragraph is fiction; I really didn't do that. But I could have, and that's scary. Instead of a hotel business center, it could have been the computers that line the halls of many conferences so that attendees can check their e-mail, or a computer kiosk at the airport, or even your own computer that has been momentarily left unattended.

The Offender: Hacksaw
USB Hacksaw is a hack that infects Windows PCs with a payload that will retrieve documents from USB memory drives plugged into the infected PC and then transmit them to an e-mail account. USB Hacksaw was featured on an episode of Hak5, an Internet Television show for hackers, modders (a slang term for people who modify a piece of hardware or software to do something it wasn't intended to do), and do-it-yourselfers. (If you haven't bookmarked Hak5, you should.)

Hacksaw is based on USBDumper, which silently copies the contents of an inserted USB drive onto the PC; Blat, a Win32 utility that sends e-mail using SMTP; Stunnel, which encrypts arbitrary TCP connections inside SSL; and Gmail, which is the end repository of the data.

USB Hacksaw is a proof of concept. When I installed it on a 2 GB SanDisk flash drive and infected one of my old computers, I found it cumbersome and confusing. But, then, I'm a Mac user, and my knowledge of Windows leaves a lot to be desired. The bottom line is that a competent hacker can use this concept to steal the stuff you carry around on your USB flash drive: things like that PowerPoint presentation describing commercial applications of your research or a spreadsheet containing your institution's donors and their credit card numbers.
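
A defender's view of the chain described above (a silent copy off the inserted drive, then mail-out through an SSL tunnel), as an added example that is not from the original article or from the Hacksaw project: it correlates endpoint events per host. The event schema, process names, allowlists and the 600-second window are all assumptions, and the sample events are constructed.

```python
from dataclasses import dataclass
# Hypothetical normalized endpoint telemetry (not a real product schema).
@dataclass
class Event:
    ts: int            # seconds since capture start
    host: str
    kind: str          # "usb_insert" | "file_copy" | "net_connect"
    process: str = ""
    drive: str = ""    # usb_insert: drive letter assigned, e.g. "E:"
    src: str = ""      # file_copy: source path
    dst: str = ""      # file_copy: destination path; net_connect: "ip:port"

SMTP_PORTS = {25, 465, 587}
MAIL_CLIENTS = {"outlook.exe", "thunderbird.exe"}  # assumed site allowlist
INTERACTIVE = {"explorer.exe"}                     # user-driven copies
WINDOW = 600                                       # seconds, assumed

def find_usb_exfil(events):
    """Alert on: USB insert, then a background copy off that drive, then
    outbound SMTP from a non-mail process on the same host within WINDOW."""
    drives, last_copy, alerts = {}, {}, []
    for e in sorted(events, key=lambda ev: ev.ts):
        proc = e.process.lower()
        if e.kind == "usb_insert":
            drives[e.host] = e.drive.upper()
        elif e.kind == "file_copy":
            d = drives.get(e.host)
            if (d and e.src.upper().startswith(d) and proc not in INTERACTIVE
                    and not e.dst.upper().startswith(d)):
                last_copy[e.host] = e
        elif e.kind == "net_connect":
            port = int(e.dst.rsplit(":", 1)[1])
            copy = last_copy.get(e.host)
            # The tunnel hides the message body, so match on process and port.
            if (copy and port in SMTP_PORTS and proc not in MAIL_CLIENTS
                    and e.ts - copy.ts <= WINDOW):
                alerts.append((e.host, copy.process, e.process, e.dst))
    return alerts

# Constructed sample events; process names and addresses are made up.
SAMPLE = [
    Event(10, "kiosk-01", "usb_insert", drive="E:"),
    Event(12, "kiosk-01", "file_copy", "bgcopy.exe", src="E:\\slides.ppt", dst="C:\\cache\\slides.ppt"),
    Event(95, "kiosk-01", "net_connect", "tunnel.exe", dst="203.0.113.10:465"),
    Event(20, "kiosk-02", "usb_insert", drive="F:"),
    Event(25, "kiosk-02", "file_copy", "explorer.exe", src="F:\\a.doc", dst="C:\\Users\\guest\\a.doc"),
    Event(60, "kiosk-02", "net_connect", "outlook.exe", dst="198.51.100.7:587"),
    Event(30, "kiosk-03", "net_connect", "tunnel.exe", dst="203.0.113.10:465"),
]
print(find_usb_exfil(SAMPLE))
```

Only kiosk-01 is flagged: kiosk-02 shows a user-driven copy and a normal mail client, and kiosk-03 has outbound SMTP with no preceding copy from a removable drive.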

