Security Focus

Hacksaw Cuts Road Warriors

8/10/2007

After checking into the conference hotel two days early, I proceeded to the hotel's business center where I briefly plugged my USB Flash Drive in each of the computers available to guests. I then returned to my room to prepare for an evening on the town. The next morning I checked out of the conference hotel and checked into a nearby hotel because many of the arriving conference attendees might recognize me as the CTO of their primary competitor. That evening I began checking a bogus e-mail account that I had set up earlier, and, sure enough, data was beginning to come in. By the second day it was pouring in so fast it was hard for me to keep up. The contents of any USB flash drive plugged into any of the computers in the business center at the conference hotel were being sent to me. I quickly trashed items such as family photos, music and spreadsheets of personal investments. By the end of the conference I had gigabits of confidential information from my company's top competitor.

Fortunately, the preceding paragraph is fiction; I really didn't do that. But I could have, and that's scary. Instead of a hotel business center, it could have been the computers that line the halls of many conferences so that attendees can check their e-mail, or a computer kiosk at the airport, or even your computer that has been momentarily left unattended.

The Offender: Hacksaw
USB Hacksaw is a hack that infects Windows PCs with a payload that will retrieve documents from USB memory drives plugged into the infected PC and then transmit them to an e-mail account. USB Hacksaw was featured on an episode of Hak5, an Internet Television show for hackers, modders (a slang term for people who modify a piece of hardware or software to do something it wasn't intended to do), and do-it-yourselfers. (If you haven't bookmarked Hak5, you should.)

Hacksaw is based on USBDumper, which silently copies the contents of an inserted USB drive onto the PC; Blat, a Win32 utility that sends e-mail using SMTP; Stunnel, which encrypts arbitrary TCP connections inside SSL; and Gmail, which is the end repository of the data.

USB Hacksaw is a proof of concept. When I installed it on a 2 GB SanDisk flash drive and infected one of my old computers, I found it cumbersome and confusing. But, then, I'm a Mac user, and my knowledge of Windows leaves a lot to be desired. The bottom line is that a competent hacker can use this concept to steal the stuff you carry around on your USB flash drive: things like that PowerPoint presentation describing commercial applications of your research or a spreadsheet containing your institution's donors and their credit card numbers.
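
On shared or kiosk machines, the relay half of the chain described above (Blat sending mail through Stunnel) is something a defender can watch for. The Python below is an added example, not code from this article or from Hacksaw: it scans a constructed, simplified event log and flags hosts where either tool starts shortly after a removable drive is mounted. The log format, host names, file paths and two-minute window are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real telemetry): time, host, kind, detail.
SAMPLE_LOG = """\
2007-08-10T09:00:05 KIOSK1 volume_mount E: removable
2007-08-10T09:00:09 KIOSK1 process_start C:\\Temp\\stunnel.exe
2007-08-10T09:00:41 KIOSK1 process_start C:\\Temp\\blat.exe
2007-08-10T09:05:00 KIOSK2 volume_mount E: removable
2007-08-10T09:05:30 KIOSK2 process_start C:\\Windows\\explorer.exe
2007-08-10T11:00:00 KIOSK3 process_start C:\\Tools\\blat.exe
"""

# Executable names of the two relay tools named in the article.
RELAY_TOOLS = {"blat.exe", "stunnel.exe"}
WINDOW = timedelta(minutes=2)  # assumed correlation window


def parse(log):
    """Yield (timestamp, host, kind, detail) from the assumed log format."""
    for line in log.splitlines():
        ts, host, kind, detail = line.split(" ", 3)
        yield datetime.fromisoformat(ts), host, kind, detail


def find_suspect_hosts(log, window=WINDOW):
    """Return {host: sorted tool names} where a relay tool started
    within `window` after a removable volume was mounted."""
    last_mount = {}  # host -> time of most recent removable mount
    hits = {}
    for ts, host, kind, detail in sorted(parse(log)):
        if kind == "volume_mount" and detail.endswith("removable"):
            last_mount[host] = ts
        elif kind == "process_start":
            name = detail.rsplit("\\", 1)[-1].lower()
            mounted = last_mount.get(host)
            if name in RELAY_TOOLS and mounted and ts - mounted <= window:
                hits.setdefault(host, set()).add(name)
    return {h: sorted(t) for h, t in hits.items()}


if __name__ == "__main__":
    for host, tools in find_suspect_hosts(SAMPLE_LOG).items():
        print(f"{host}: {', '.join(tools)} started after USB insert")
```

KIOSK3 is not flagged because Blat ran there with no preceding drive insertion; the correlation with the mount event is what separates this pattern from an administrator's ordinary use of the same tools.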

