Secret Service learns why you don't plug strange USB drives into computers

Secret Service don’t care about drugs. I regularly saw people burn joints outside DC bars while they idled at a light and they just smirked.

Back in the day…

4 Likes

Normally it’s the usual autoexec files that work if the OS is set to run them. However, if blackhats get into the firmware of the USB drive stick, they can make the stick imitate other devices that aren’t as guarded against, like a keyboard or network interface. (And anti-virus won’t see it.)

5 Likes

Microsoft still has Autorun and Autoplay enabled by default. That makes them susceptible to a simple hidden autorun.inf that launches a .exe containing the malware.

Even my WIN10 laptop had autorun enabled as default.

Edit: what he said ^

2 Likes

Nah, autorun won’t automatically launch anything from a USB flash drive. Been that way since 7.

4 Likes

The little, not very tech-savvy company I used to work for didn’t allow us to plug in flash drives or unapproved keyboards. If we did, our PC or laptop would shut down immediately and a tech guy would show up to ask us what was going on. Hard to believe that the FBI has worse protections than a small Texas printing company.

If the USB stick had malware firmware, the agent must have pissed himself when it imitated a keyboard, opened a dosbox, and “typed” the commands to launch the malware.

Even if he shut it off quickly, treat it as compromised and give it a good fry-cleaning. Of course, if it re-flashed the laptop BIOS, can you really be sure? :sunglasses:

3 Likes

Have been wondering what happened to that big Utah Data Center that the spooks built 5 years ago and which nobody seems to have written about again. Maybe someone dropped a usb stick in the parking lot.

2 Likes

They’re just hard at work compiling a comprehensive database of every American’s compromising private information. NBD. Same MO as every fucking ad network ever.

3 Likes

I dunno why they just don’t contract it out to the ad networks and save the hassle of building the data center.

2 Likes

Man, I just hope that the current iteration of the secret service is just as bad at other aspects of their job (read as protecting the president).

Mar-a-Lago’s exterior, including the front gate, is a 1920s American re-interpretation of Spanish Moorish architecture, the irony of which I’m certain is completely lost on Il Douche. You don’t have to like it, but comparing it to the dictator chic commissioned by Il Douche or the nonsensical design language noise of McMansions is inaccurate.

It’s probably the only tasteful thing he ever purchased, presumably because he too could not tell the difference, and it’s a tragedy he did buy it because I’m sure he’s violated or circumvented the restrictions that come with it being a National Historic Landmark to vandalize the interior with his own vulgar taste, to say nothing of the obscenely large flag he planted outside.

7 Likes

Right. I knew my collection of Power Macs was good for something!
Also: Can’t auto-type any commands if no one’s logged in. Copying disks works just fine over SSH …

Thank you for the background. I feel that, unfortunately, the design has been cheapened by association with the tenant. :wink:

3 Likes
3 Likes

I have seen a specialized Linux install once which didn’t autodetect anything on its USB ports. It just put power on the thing and let you use libusb to query the device. IIRC it was not too hard to change the udev config to behave this way. This was used at the university here to check if found USB sticks contained a poor student’s lost thesis or nasty crack attempts (which were numerous in the physics/mathematics/software engineering faculties because there are lots of curious students).

Even then a malicious USB device could still blow up the USB port or wipe its content in certain circumstances, but at least you could be reasonably secure against malware.

2 Likes
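Posts above describe a stick whose firmware presents a keyboard or network interface, and a triage box that queries found sticks with libusb instead of letting drivers bind. As an added example (not from any poster, and not that university's tooling), this parses a raw USB configuration descriptor, as a libusb query can return, and lists interfaces a storage stick has no reason to expose. Both descriptor blobs are constructed samples and the function names are hypothetical.

```python
import struct

DT_INTERFACE = 0x04  # bDescriptorType of an interface descriptor
# USB-IF base classes a plain storage stick has no reason to expose.
UNEXPECTED = {0x02: "Communications (CDC)", 0x03: "HID", 0xE0: "Wireless Controller"}

def interface_classes(blob):
    """Return (number, class, subclass, protocol) for each interface in the blob."""
    found, pos = [], 0
    while pos < len(blob):
        length = blob[pos]
        # Every descriptor starts with bLength, bDescriptorType; reject bad lengths.
        if length < 2 or pos + length > len(blob):
            raise ValueError(f"malformed descriptor at offset {pos}")
        if blob[pos + 1] == DT_INTERFACE:
            if length < 9:
                raise ValueError(f"short interface descriptor at offset {pos}")
            num, alt, _eps, cls, sub, proto = struct.unpack_from("6B", blob, pos + 2)
            if alt == 0:  # count each interface once, ignoring alternate settings
                found.append((num, cls, sub, proto))
        pos += length
    return found

def unexpected_interfaces(blob):
    """Describe interfaces whose class is input- or network-like."""
    return [f"interface {num}: {UNEXPECTED[cls]}"
            for num, cls, _sub, _proto in interface_classes(blob) if cls in UNEXPECTED]

# Constructed sample: an ordinary stick (one Mass Storage interface, two bulk endpoints).
PLAIN = bytes.fromhex(
    "09 02 20 00 01 01 00 80 32"
    "09 04 00 00 02 08 06 50 00"
    "07 05 81 02 00 02 00" "07 05 02 02 00 02 00")

# Constructed sample: the same storage interface plus a boot-protocol keyboard.
COMPOSITE = bytes.fromhex(
    "09 02 39 00 02 01 00 80 32"
    "09 04 00 00 02 08 06 50 00"
    "07 05 81 02 00 02 00" "07 05 02 02 00 02 00"
    "09 04 01 00 01 03 01 01 00"
    "09 21 11 01 00 01 22 3f 00"
    "07 05 83 03 08 00 0a")

if __name__ == "__main__":
    for name, blob in (("plain", PLAIN), ("composite", COMPOSITE)):
        print(name, unexpected_interfaces(blob) or "storage only")
```
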

Do you mean curious as in enthusiastically investigative, or as in weirdly odd, or both? :smiley:

2 Likes

https://www.politico.com/magazine/story/2017/03/trump-style-dictator-autocrats-design-214877

2 Likes

yes, all three! :slight_smile:

2 Likes

It is less damaging to have a laptop destroyed than to have a laptop behind a security perimeter infected and place anything else that trusts that laptop at risk as well. A destroyed laptop can be replaced (sometimes under warranty, or via pre-existing service contract). An infested laptop needs experts to go over it very carefully and also examine anything it talked to. Plus whatever sensitive data was on the laptop has to be assumed to have been extracted and sent elsewhere.

Seriously, I would rather my work laptop fell into a lake than got malware on it.

4 Likes