Proposed UK Bill Appears To Improve Access To... >>
<< Can We Predict The Mobile Music Backlash...
 tdicon 


(Mis)Uses of Technology

by Carlo Longino

Tue, Jul 26th 2005 10:25am





Pod Slurping Comes Around Again

from the repeating-it-won't-make-it-true dept

Time and time (and time) again enterprise IT managers have been warned about the dangers of "pod slurping' -- people using iPods or other high-capacity mp3 players as portable hard drives to steal information from corporate PCs and networks. The hype wave is coming around again, apparently because somebody wrote a program that can copy files from a computer to an iPod (you need a program to do that now?). The author's vision of how a slurping attack would occur has a would-be thief coming into an office disguised as a janitor, then going from PC to PC copying information. The issue isn't that the thief is using an iPod to copy files, that's irrelevant. The problem is that a company is letting in people disguised as janitors, with or without iPods. A reporter calls the threat "fast emerging" -- but by the end of the post, she says "It's unclear how much of a threat iPod slurping really is today. I haven't found any information on companies that actually suffered due to iPod slurping; of course, they aren't likely to tell the world of security breaches they'd suffered, either." All these scare stories do is sell useless analyst reports and pointless security software. Like so many before this one, new technology really doesn't raise any new security problems for reasonably intelligent people. What's next? An urgent report from a security expert detailing the emerging threat of these things called "brains" that let users store all kinds of information -- even stuff not stored on a computer -- for later off-site retrieval? You heard it here first.

6 Comments | Leave a Comment..


If you liked this post, you may also be interested in...
 

Reader Comments (rss)

(Flattened / Threaded)

  1.  

    No Subject Given

    identicon
    Anonymous of Course, Jul 26th, 2005 @ 10:40am

    There is no substitute for physical security. If the intruder didn't care about the theft being easily discovered he could simply remove the hard drive from the desktop machine and take it with him when he leaves, or steal the entire machine if its a laptop. In some offices he could burn a DVD of what he wants or use a USB memory fob. I think this is an example of the iPOD is the buzz and that causes lame brains to work it into their drivel no matter how tangential.

    reply to this | link to this | view in thread ]

  2.  

    storing information in brains

    identicon
    brainless squirrel, Jul 26th, 2005 @ 11:09am

    There seems to be little chance of that happening in most corporate settings today.

    reply to this | link to this | view in thread ]

  3.  

    No Subject Given

    identicon
    saleh, Jul 26th, 2005 @ 11:48am

    Security-conscious enterprises took care of this issue long ago, by disabling USB ports, CD/DVD writers, and floppy drives, and then selectively enabling them through policy. Other than in financial services, this is almost a complete non-issue.

    reply to this | link to this | view in thread ]

  4.  

    Pod slurping

    identicon
    Abe Usher, Jul 26th, 2005 @ 8:43pm

    Nice post. If you'd like the full story, check out the article that I wrote at:
    http://www.sharp-ideas.net/archives/2005/06/pod_slurping.html

    reply to this | link to this | view in thread ]

  5.  

    Just call us up

    identicon
    lemonnfresh, Jul 27th, 2005 @ 6:47am

    At the news weekly where I work, competitors only need to call up to get information on our advertising clients. People are still the weakest link in the security chain.

    reply to this | link to this | view in thread ]

  6.  

    Pod slurping whitepaper

    identicon
    Edward Lansink, Oct 10th, 2006 @ 12:26am

    More information on the dangers of pod slurping and how to combat data theft is available through one of GFI's whitepapers. Its title is "Pod slurping - an easy technique for stealing data" and it's availalbe through this direct download link - no registration, no fees.

    http://www.gfi.com/whitepapers/pod-slurping-an-easy-technique-for-stealing-data.pdf

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>


Proposed UK Bill Appears To Improve Access To... >>
<< Can We Predict The Mobile Music Backlash...
 tdicon 

A word from our Sponsors...
Follow Techdirt
Flattr rss rss

Powered by Postrank

From the Techdirt Archive...
A word from our Sponsors...

Close

Email This