Secure systems do not use USB. If a system has a USB, it can be compromised.
(media.patriots.win)
Comments (16)
sorted by:
DEFAULT COMMUNITIES
•
All
General
AskWin
Funny
Technology
Animals
Sports
Gaming
DIY
Health
Positive
Privacy
This is my explanation every time someone in the military complains about not being able to use USB drives. Sucks...but there is a good reason!
The security expert colonel today said they disable all USB ports.
rubber duckies are all in USB form, if you think you need more than 1 second to hack a machine that someone does via the interface that takes minutes you are mistaken.
A rubber duckie will do it in a second and would not look suspicious at all.
For those who think im crazy talking about rubber duckies over here its basically a USB you plug in and it runs a pre-programmed macro that takes a second, these are grade 1 to any hacker and not uncommonly owned
replying to myself because editing posts is always fucky, I even own one myself and I am by no means a "1337 h4x0r" just a blue collar working stiff
If a system has any way of getting data into/out of the system, it can be compromised. How exactly would you get the vote tallies and audit trail without I/O?
There are ways, but they are not as easy.
Not hard. Not a new technology, only not off the shelf stuff a kid could put together and sell to counties for big markups.
My point is there's nothing inherently insecure about USB. Having a Windows machine running on a secure network with autorun enabled is the problem. It could have just as easily happened with a CD or DVD or floppy.
LOL he said "Floppy" man I am old.. sigh
Yes, CD and DVD are same problem.
Problem is also that even with autorun off, it only takes one person to inert a USB and run something on the network.
Even if Biden got such a big margin that he actually won and there was no cheating -- the chaos of this election is a BIG win for China which has been telling its population for decades that "democracy is bad, and elections are chaos."
I think you have to be naive to think they were not trying to mess things up. It is also pretty clear that we made it easy for them.
Image from the following article:
https://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet
Stuxnet, if you are not aware, was a worm created by ??someone?? and was designed to destroy centrifuges used in the Iranian nuclear program b making the displayed RPM not match the physical RPM so they would not notice the problem. It was said to be distributed by infecting random computers and USB in the city where it was needed, and waiting for a worker to walk it into the air gapped facilty and plug it in to use.
This was in 2010.
Some older examples of using cyberwar from this article:
https://isssource.com/stuxnet-loaded-by-iran-double-agents/