Originally published at: https://boingboing.net/2019/04/09/secret-service-learns-why-you.html
…
“Now you have two problems”
I’m gonna guess it was just device drivers installing.
Having malware on a USB device is hardly a solid indicator of malicious intent by itself. By its very nature, malware is portable and non-obvious to most users.
Isn’t this illegally incompetent handling of evidence? Imagine something like
if USBPluginCounter > 2 or hostname~=/secret.*service/i
then ActAsIfInstallingSimpleMalware()
else InstallRealMalware(); USBPluginCounter++
You simply Do NOT plug in a foreign drive. Period.
Secret Service F’d up. Lesson learned should have happened prior to incident.
One of the uses for my dirt old 32bit ‘craptop’ is specifically that.
Oh that had malware on it, whatever, nothing to lose on this machine.
Chain of custody blown. By plugging it in and allowing autorun, the contents of the drive may have changed from the time it was recovered at the scene. The defence can now make a reasonable argument that the drive was tampered with by the Secret Service and any evidence recovered from it should be disregarded.
@beschizza - where did the second block quote come from? I can’t seem to find it in the original Miami Herald article. Is it behind a paywall or something?
USB drives are one of the largest causes of malware alerts I see at the university I work for. Also, most malware doesn’t pop stuff up on device insertion. It’s trying to hide and not get immediately removed. I’d also wager it was device driver installation the SS agent saw.
At that level of threat, probably the only safe way to preserve it is to cut open the device and desolder the flash chip for recovery.
The isolated Linux computer not automounting the devices is very nice, but it also needs to not autodetect USB keyboards, otherwise this can be defeated by a device like the Hak5 Bash Bunny.
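Added example, not part of the comment above or of any tool it names: a check an analysis workstation could run to list USB devices that expose a keyboard-class (HID) interface, which is the case the comment warns about. It reads the Linux sysfs `bInterfaceClass` attribute; the allowlist keyed by port name and the sample tree are assumptions constructed for the example.

```python
import os
import tempfile

HID, MASS_STORAGE = "03", "08"  # USB interface class codes (hex, as sysfs prints them)

def interface_classes(sysfs_root):
    """Map each USB device (e.g. '1-2') to the set of interface classes it exposes."""
    devices = {}
    for entry in sorted(os.listdir(sysfs_root)):
        if ":" not in entry:           # interface entries look like '1-2:1.0'
            continue
        path = os.path.join(sysfs_root, entry, "bInterfaceClass")
        try:
            with open(path) as fh:
                cls = fh.read().strip().lower()
        except OSError:
            continue                   # interface vanished or is unreadable
        devices.setdefault(entry.split(":", 1)[0], set()).add(cls)
    return devices

def flag_keyboard_capable(sysfs_root, expected_hid=()):
    """Return devices presenting HID that are not on the operator's allowlist."""
    flagged = {}
    for dev, classes in interface_classes(sysfs_root).items():
        if HID in classes and dev not in expected_hid:
            # A "drive" that also enumerates as a keyboard is the suspicious case.
            flagged[dev] = ("storage+HID composite" if MASS_STORAGE in classes
                            else "unexpected HID")
    return flagged

def build_sample_tree():
    """Constructed sample mimicking /sys/bus/usb/devices, so this runs offline."""
    root = tempfile.mkdtemp()
    sample = {"1-1:1.0": "03",                   # workstation's own keyboard
              "1-2:1.0": "08",                   # plain flash drive
              "1-3:1.0": "08", "1-3:1.1": "03"}  # drive that also claims to be a keyboard
    for name, cls in sample.items():
        os.makedirs(os.path.join(root, name))
        with open(os.path.join(root, name, "bInterfaceClass"), "w") as fh:
            fh.write(cls + "\n")
    return root

if __name__ == "__main__":
    # On a real machine, pass "/sys/bus/usb/devices" instead of the sample tree.
    print(flag_keyboard_capable(build_sample_tree(), expected_hid={"1-1"}))
```

This reports only what is enumerated at the moment it runs; a device can present a different interface later, so it complements rather than replaces blocking unexpected input devices on the analysis machine.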
I had to go and Google “Mar-a-Lago Gates” as I assumed you’d used some hilariously over the top stock photo of some random McMansion gates… nope… that’s where the President lives, that is. That’s what he thinks is good taste.
I once watched three Secret Service agents in a tense stand-off with an unlocked door. Nothing about this surprises me.
I was going to say, shouldn’t they have a special computer for those sorts of things.
I mean, really, part of me likes stories like these because it makes me feel better that the surveillance state is incompetent and no one is really sitting around condemning my porn choices.
This precise event is how some intelligence agency crashed the Iranian nuclear weapons centrifuges! Anybody can play. Just scatter random infected flash drives around the parking lot for a secure facility. Some monkey will be sure to plug one into the soon-to-be formerly isolated secure network! LOL!
Malware could have been the least of their worries. If you wanted to cause even more harm, get them to plug one of these into an unsecured critical computer.
I think I might buy one, just in case someone decides that rounding up all the lgbtq people into camps is the next logical step for fascism.
There are forensic readers for USB; my friend used to work for a company that made them. Police departments all over the US have them, mostly to poke around into the devices and phones of small-time crooks. The forensic hardware is separated from the main OS software and in some cases isolated electrically. The main trouble is if the USB flash can detect that it is being analyzed it can refuse to function or even erase itself.
The Secret Service has very little influence on Trump, or on who is allowed access to him, when he’s at Mar-A-Lago. Whoever pays 250K to become a member gets to meet with Trump, and to bribe him or pitch deregulation or whatever they want to him, and there is NO RECORD of any of these transactions.
“Wait, does that say ‘driver installing’? That thing’s gonna drive my computer? Not on my watch!”
A hero, truly.
Bah! You beat me to it by seconds.
Gold leaf All The Things.