Bob ‘n Alice On Security

Helping to Avoid a False Sense of Security

Archive for February 2009

SanDisk Enterprise Cruzer Secure USB Flash Drive Vulnerability


Wow, Bob has found a second secure flash drive that suffers from a major autorun vulnerability. A new PDF details this SanDisk Enterprise Cruzer vulnerability. The trust we can place in the SanDisk Enterprise Cruzer (and the OEM’d Kingston DataTraveler Elite Privacy Edition) is now only as strong as the trust we can place in the supply chain.

What was the name of the delivery guy who brought that box of shiny new Cruzers to the office? Hope he couldn’t be convinced to leave someone alone with that box for a few hours… If that someone was hostile, the network might have a new, uninvited user – or worse.

Heck, even if the supply chain is rock solid, a hostile outsider could leverage an organization’s use of the SanDisk Cruzer to penetrate their defenses by planting a malware-infected device in any number of ways. In this way, the trust placed in the device makes it more of a danger to the organization than if it were untrusted.

As always, stay safe and avoid a false sense of security.


Written by Alice

February 18, 2009 at 21:27

MXI Secure USB Flash Drive Trojan Vulnerability


Well, Bob has done it again. He just sent me a PDF that reveals a major vulnerability in MXI’s secure USB drive, the Stealth MXP.

The short version is that anyone carrying a Stealth MXP could be carrying a trojan. Read the PDF on the MXI Stealth MXP trojan vulnerability to learn the details – it should give you some idea of what you’re facing. It will also likely spur an immediate security review of all Stealth MXPs deployed by security-sensitive organizations. The decision that will need to be made is whether or not a thorough scan of the “read only” partition will be sufficient to reveal any and all malware, and thus regain confidence in the devices. Perhaps MXI Security will release some sort of validator to run against their drives to confirm that they haven’t been tampered with.

This is unfortunate for customers of MXI Security, as it follows the MXP Stealth crack revealed a few months ago by the folks at Objectif Sécurité. It will be interesting to see if another patch will follow MXI06-001 to remedy this new fault.

While we’re looking at the Stealth MXP, it is interesting to note that it uses another security technology that has been hacked on numerous occasions – biometric fingerprint scanners. Probably the best known case was when the folks at the popular TV show MythBusters hacked a fingerprint scanner, though there have been many others. While biometric scanners are often positioned as an additional layer of security, they are clearly an additional layer of false security, and as such are best avoided.

As always, stay safe and avoid a false sense of security.

Written by Alice

February 4, 2009 at 14:59