[Solved] Safe way to insert USB-drive.
-
Hi! Long time lurker here with a question. I am thinkig of making a software that temporarily disables windows from auto-running a application when inserting a cd or usb. To do this, I need to edit a key in the registry, that is no hard to do. What I want to know if this is enughe to stop malware from getting on my pc if I insert a usb-drive or cd, or if I am still risking getting a virus/malware on my pc. If I understand it enughe, for a virus or other malicius software to infect my pc, dosen't it have to run some kind of script or app for it? Would doing the above prevent that from happening or is it still dangerus to insert unknown usb drives into my pc, even with the auto run feature turned off?
Have a nice day Acuena
-
Hi! Long time lurker here with a question. I am thinkig of making a software that temporarily disables windows from auto-running a application when inserting a cd or usb. To do this, I need to edit a key in the registry, that is no hard to do. What I want to know if this is enughe to stop malware from getting on my pc if I insert a usb-drive or cd, or if I am still risking getting a virus/malware on my pc. If I understand it enughe, for a virus or other malicius software to infect my pc, dosen't it have to run some kind of script or app for it? Would doing the above prevent that from happening or is it still dangerus to insert unknown usb drives into my pc, even with the auto run feature turned off?
Have a nice day Acuena
Disabling autoplay won't be enough to protect you from a malicious USB drive. An attacker can manipulate the firmware[^] so that the drive pretends to be a keyboard or a network adapter. They can then send commands to your computer, or extract data, without having to run any software. You can even purchase a "USB Killer" drive[^], which can completely destroy your hardware as soon as you plug it in.
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
-
Hi! Long time lurker here with a question. I am thinkig of making a software that temporarily disables windows from auto-running a application when inserting a cd or usb. To do this, I need to edit a key in the registry, that is no hard to do. What I want to know if this is enughe to stop malware from getting on my pc if I insert a usb-drive or cd, or if I am still risking getting a virus/malware on my pc. If I understand it enughe, for a virus or other malicius software to infect my pc, dosen't it have to run some kind of script or app for it? Would doing the above prevent that from happening or is it still dangerus to insert unknown usb drives into my pc, even with the auto run feature turned off?
Have a nice day Acuena
To add to what Richard says, you get no real protection with a basic software solution: many computers are configured to allow "boot from USB" for recovery purposes, and even if disabling it in Windows works, if it has a bootable partition it stands a good chance of taking over the PC completely the next time it is turned on as that is part of the BIOS and before Windows even starts to load. The same problem exists with CD's (where fitted) - they can also be selected as a bootable device.
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony AntiTwitter: @DalekDave is now a follower!
-
Disabling autoplay won't be enough to protect you from a malicious USB drive. An attacker can manipulate the firmware[^] so that the drive pretends to be a keyboard or a network adapter. They can then send commands to your computer, or extract data, without having to run any software. You can even purchase a "USB Killer" drive[^], which can completely destroy your hardware as soon as you plug it in.
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
Ow ya, did not think about the USB-killers and the modified firmware thing. That makes it much more harder to protect against bad USB with a software, it would make it impossible for the USB killer part. Guess you could protect against the USB-Killer attack by having a external device you can use as a sacrifice thing between the PC and the USB, it must be able to handle the surge though. Guess we have to stick to not allow it then unfortunately.
-
To add to what Richard says, you get no real protection with a basic software solution: many computers are configured to allow "boot from USB" for recovery purposes, and even if disabling it in Windows works, if it has a bootable partition it stands a good chance of taking over the PC completely the next time it is turned on as that is part of the BIOS and before Windows even starts to load. The same problem exists with CD's (where fitted) - they can also be selected as a bootable device.
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony AntiTwitter: @DalekDave is now a follower!
-
You're welcome!
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony AntiTwitter: @DalekDave is now a follower!
