Cybersecurity

5689 readers

199 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

If you had to access an unfamiliar flash drive (or other data storage), what safety precautions would you take? (lemm.ee)

submitted 2 months ago by ALostInquirer@lemm.ee to c/cybersecurity@sh.itjust.works

28 comments fedilink hide all child comments

The safest option is obvious, don't try to access its contents, but if you absolutely had to, what steps would you take to minimize/contain any potential harm to your device/network?

you are viewing a single comment's thread
view the rest of the comments

[–] merc@sh.itjust.works 1 points 2 months ago (7 children)

AFAIK computers with normal setups won't auto-run anything on a flash drive you insert. At most they'll prompt you to ask if you want to run something. (Say no.)

So, it's pretty safe to look at what files exist on the flash drive. Then you just have all the various exploits that exist with unknown files. Obviously, don't run any executables on the drive. Don't double-click on anything that looks like it's a document (say PDF or word doc) because it might not be. To be extra safe, even if it is actually a PDF or word document, don't open in the standard program (word or acrobat) because there's a slight chance it might be an actual PDF that exploits an unpatched vulnerability in that program.

If I work in Iran's nuclear program, and found this flash drive on the ground outside, I'd be a lot more cautious and maybe do some of these extremely paranoid things people here are suggesting. But, if Aunt Jenny was just over for a visit and I found a flash drive in the hallway near her room and want to check to see if it might be hers, it's probably safe just to insert the drive take a quick look and not click on anything.

[–] aard@kyu.de 26 points 2 months ago (4 children)

The problem is - is it just a mass storage device? Or is it maybe also a USB keyboard that will try to enter some payload? Or maybe it even contains a radio, and can communicate with an attacker nearby?

You can't tell from the outside which protocols a USB device implements.

You can fit all of that functionality into the space of a USB-A plug - so if it is a thumbdrive you have way more space to work with than you ever need.

At minimum restrict your computer to only loading mass storage drivers - but as you quite likely habe USB input devices it is just a lot easier to investigate such a device on something like a raspberry pi.

[–] Hamartiogonic@sopuli.xyz 1 points 2 months ago

That keyboard thing was pretty clever. I would not have thought of that.

load more comments (3 replies)

load more comments (5 replies)