Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/abeusher/sharp-ideas.net/ideas/wp-includes/formatting.php on line 82
Robert McGrew wrote an article describing how he hacked the auto-run feature on a U3 USB thumbdrive:
The implications of this are simultaneously interesting and disheartening. Interesting because computer hobbyists could use the capability of hacking an autorun USB device to create some very novel applications. Disheartening because this may lead to yet another attack vector for malicious hackers. Time will tell what the implications will be!
Consider the positive uses of this technology:
Users can make custom U3 applications that “autorun”:
- Anti-virus software from USB
- Spyware removal from USB
- System integrity checks on OS files (.dlls and .exes)
- Users can replace the U3 launcher application with one of their choosing (e.g. Launchy)
Consider the negative implications of this technology:
- Hackers write viruses/backdoors that autorun from USB drive
- Users modify their U3 drive to subvert applications with DRM technology
- Due to risks, organizations end up banning USB devices from use.
To have a better idea of what this might mean, check out the list of portable applications on Wikipedia.*
What’s your opinion? Will this be good or bad?
* Applications that can run off of a USB drive.