Great cinematic effect to reinforce an old lesson that everyone knows and few people really act like they believe: physical access to an unlocked device means the attacker roots it and anything it can connect to. This includes “physical access denominated in seconds.” https://twitter.com/_mg_/status/949684949614907395 …
-
I'm guessing this thing pretends to be an Apple-branded USB keyboard: anything else will trigger the "unrecognised keyboard" dialog on macOS which blocks input until the user approves it. Hard to reliably "bless" devices; it's easy to fake vendor/product ID & serial numbers.
-
I'm suggesting something on the order of "You special-order all hardware that gets attached to your fleet of MacBooks, exceptions to be approved individually," which is a totally insane security posture, except at those organizations where it very much is not.
-
Unfortunately, much of the magic of identifying a hardware device is in the kernel. This is why the “safest” precaution is to fill the USB ports on corporate devices with glue so they’re unusable. Blocking USB devices has historically been all or nothing.
-
In Windows, for example, the only reliable way we found to do this a while back was to modify the location where registry entries for USB devices were created to be read-only and change the inheritable permissions.
-
I worked at a place with *really* tight security. I was informed that the PCs had installed software which would instantly encrypt, and for all practical purposes brick, any non-company device inserted into a USB port. It would then be confiscated and sent to analysis.
-
A cautionary tale was told of the guy who plugged in his phone for charging and ended up, several weeks later, with a small plastic bag containing his phone as a 1000-piece puzzle.
-
My wife used to work for a defense contractor and they had such alerting a decade ago. She saw people get walked out for accidentally (one hopes?) using a personal USB key.
-
Technically feasible, but imagine hiring / retaining good software devs in such an environment. ‘Patriotic’ causes excluded, of course.