Great cinematic effect to reinforce an old lesson that everyone knows and few people really act like they believe: physical access to an unlocked device means the attacker roots it and anything it can connect to. This includes “physical access denominated in seconds.” https://twitter.com/_mg_/status/949684949614907395 …
I *occasionally* worry that we focus on threats which pattern-match to hacking in movies as opposed to things which an actual attacker would use, like “spearphish publicly routable employees.”
There’s a business model here, incidentally, on product client software, server software, and peripherals to guarantee this isn’t happening. “Alerts your security team every time a USB device that has not been blessed is inserted” is a reasonable posture at some places.
Replying to @patio11
I'm guessing this thing pretends to be an Apple-branded USB keyboard: anything else will trigger the "unrecognised keyboard" dialog on macOS which blocks input until the user approves it. Hard to reliably "bless" devices, it's easy to fake vendor/product ID & serial numbers.
I'm suggesting something on the order of "You special-order all hardware that gets attached to your fleet of MacBooks; exceptions to be approved individually," which is a totally insane security posture, except at those organizations where it very much is not.
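The "alert when a non-blessed USB device is inserted" posture discussed above, as an added example (not code from anyone in this thread): an allowlist of approved (vendor ID, product ID, serial) triples is checked against the devices currently attached, and anything unknown raises an alert, with a louder alert for an unknown keyboard-class device. The device records, the allowlist entries and the IDs are all constructed here; on a real fleet they would come from whatever inventory tool the endpoint agent uses. Because vendor/product IDs and serials are attacker-controlled, the comments treat the allowlist as a tripwire that produces a signal for the security team, not as a boundary that stops the device.

```python
"""USB allowlist tripwire (constructed example, not from the thread's authors)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class UsbDevice:
    name: str
    vendor_id: int
    product_id: int
    serial: str
    is_hid: bool  # keyboard/mouse class: an unexpected one is the classic worry


# Constructed allowlist of special-ordered, individually approved hardware.
# A serial of None approves any serial for that vendor/product pair, which is
# weaker: IDs and serials are trivially spoofable, so a match proves nothing,
# while a miss is still a useful alert.
BLESSED = {
    (0x05AC, 0x024F, "ABC123"): "Apple keyboard, desk 14",
    (0x046D, 0xC52B, None): "Logitech receiver, any serial",
}


def classify(device, blessed=BLESSED):
    """Return 'allowed', 'alert' or 'alert-hid' for one attached device."""
    exact = (device.vendor_id, device.product_id, device.serial)
    wildcard = (device.vendor_id, device.product_id, None)
    if exact in blessed or wildcard in blessed:
        return "allowed"
    # Unknown keyboard-class devices get a distinct verdict so the security
    # team can triage them ahead of an unknown flash drive.
    return "alert-hid" if device.is_hid else "alert"


def audit(devices, blessed=BLESSED):
    """Return (name, verdict) for every device that is not on the allowlist."""
    verdicts = [(d.name, classify(d, blessed)) for d in devices]
    return [(name, v) for name, v in verdicts if v != "allowed"]


# Constructed snapshot of attached devices, as an inventory tool might report it.
SAMPLE_DEVICES = [
    UsbDevice("Apple keyboard", 0x05AC, 0x024F, "ABC123", True),
    UsbDevice("Logitech receiver", 0x046D, 0xC52B, "LGT-77", False),
    # Claims Apple vendor/product IDs but an unknown serial: still an alert.
    UsbDevice("Unknown keyboard", 0x05AC, 0x024F, "QWE000", True),
    UsbDevice("Flash drive", 0x0781, 0x5583, "SD-1", False),
]

if __name__ == "__main__":
    for name, verdict in audit(SAMPLE_DEVICES):
        print(f"{verdict}: {name}")
```

Running the block prints one line per non-blessed device. The design choice worth noting is the split between "allowed" and the two alert levels rather than a boolean: the thread's point is that a fake keyboard is the device to worry about, so an unknown HID device should page someone while an unknown storage device can go to a queue.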