Someone dropped a USB stick containing a bunch of sensitive security data about Heathrow

Originally published at: https://boingboing.net/2017/10/30/see-a-pen-drive-pick-it-up.html

…

As usual you can’t fix stupid.

Myself, I wouldn’t have had the guts to plug it in.

Who puts a random USB stick they found on the floor in a computer? Proper protocol is to stomp it, burn it, snap it in half, toss in a shredder, and then bury the remains. Never put an unknown USB in your computer.

If you have a non networked machine you can reimage if required sure… otherwise not so much.

Chicken. Just use the handy computers at Best Buy!

Queen Elizabeth II ‘We… are not amused! Release the Corgis!’

Somehow, I don’t think anyone with legit access to this information dropped it. The contents list reads like the sort of data collection someone casing the place would create.

puts on forensics hat
That’s absolutely what I’d do with it- grab a scratch monkey workstation that’s off-line and with a disposable copy of the OS on it (or better yet, a LiveCD with the appropriate toolset installed) and see what the stick does.

Possibly an innovative way to increase the IT security budget of the organization the data originally came from. “Our budget’s so tight that we can’t even afford encrypted USB sticks. More funding would have prevented an occurrence like this.”

Security item #1: Don’t lose the USB stick.

But the USB stick is so shiny and candy-like. How can anyone resist inserting it into something? It could have tomorrow’s news on it. Or $100 million in Bitcoins. Or evidence of aliens. MUST INSERT.

“The Man” whom found it will be detained and debriefed on any material he may or may not have accessed.

Love how Airport speaks for its self, lips on the tarmac explanes to reporter the incident and situation at hand.

All the vague Intelligence Chiefs are in the loop.

Too sensitive to name any one but not sensitive enough to remain out of the daily rag.

“inserting it into something?”.

it’s such a turnoff when 50% of the time it’s the wrong way up. And such chafing…

No but you can slow down stupid by disabling USB ports and restricting local admin.

I have been using veracrypt to create encrypted partitions, however on one workstation I am at now I cannot install veracrypt without administrator privileges. Any solutions that sit entirely on the usb and don’t require administrator access to read (fine if read only)?

Or somebody looking to troll the public would make up.

Apart from damaging the USB hardware I don’t see an issue, but then I run linux and BSD at home and work.

Most Linux distros allow and enable HID on all USB ports by default. BADUSB will still infect those systems.
By default BSD does little when a USB device is connected. However, The BSD USB stack has well known issues around attach and detach error handling. The device simply needs to attach and detach rapidly (software exploit) several times to corrupt the kernel heap. Additionally, BSD is vulnerable to “corrupt” file systems where the metadata read by the kernel is seen as corrupt but is actually hiding files. Crashes have been reported under these conditions as well. BSD systems also need to worry about 8041 based USB controllers that can first masquerade one device, then pause & masquerade another device type.
My point here is that your choice of OS does not shield you from bad devices.