The Conficker Working Group has hailed its success in neutralising domains programmed to act as control hubs for the infamous worm, while lamenting its failure to mount a comprehensive clean-up operation against infected PCs or to bring its authors to justice. Members of the Group reflect on the long battle against the …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Wednesday 26th January 2011 15:57 GMT MikeSM

Have we learned nothing?

And yet IT departments far and wide, from Fortune 500 companies to defense contractors to governments, still allow all workstations to read/write/execute USB sticks. (stuxnet anyone?)

In this day of ubiquitous broadband internet, smartphones, and "cloud" infrastructure, I'm having a hard time justifying the need for any type of removable media for end users.

1 2
1. Wednesday 26th January 2011 17:06 GMT Benedict
  
  this is the title
  
  Ok, well, I need to move several gig of data to another computer ASAP, I don't even want to wait on the LAN, propose a quicker and more convenient way to do that a USB removeable device.
  
  0 0
  1. Thursday 27th January 2011 00:46 GMT westlake
    
    Why?
    
    "Ok, well, I need to move several gig of data to another computer ASAP, I don't even want to wait on the LAN."
    
    Give me a real-world example where this makes sense.
    
    1 0
    1. Thursday 27th January 2011 09:47 GMT Anonymous Coward
      
      Not everyone...
      
      Not everyone has gigabit connections. In fact, most probably max out at less than 200 kilobit/s when connected to the internet. I'm guessing even most LAN's out there are still 100Mb hardware, and there are few real world instances where you actually get full potential. A USB drive can move files as fast as 400Mb/s. On many LAN's it can take 20 minutes (or more) to transfer a 4.4GB iso. This is a real-world example where it would make more sense to use a USB drive, especially if you were moving all 8 Debian squeeze iso's for instance. For most people if they need to take home a 2GB folder then USB drives are the only option. Getting rid of USB drive capabilities is not an option.
      
      0 0
    2. Thursday 27th January 2011 13:52 GMT Benedict
      
      here's an example
      
      A significant member of your organization's PC won't boot, you've pulled the HDD out and slaved to in another to get the data, and swapped in a temp PC for the worker. Obviously they've saved all their data locally as they are told not too and the longer it takes you to get them up and running the more earache you'll be getting.
      
      This is only one example, but the generic case is "I need to move a large amount of data as quickly as possible", currently USB removable is the most convenient, even if not always the fastest.
      
      0 0
2. Wednesday 26th January 2011 18:07 GMT copsewood
  
  autoexec on removeable media insertion
  
  Any OS or OS configuration which automatically executes content on a removable device or media is insecure by definition.
  
  OK I know it shortens instructions for dumb end users when you want them to install something from a CD, but is this consequence really worth that so called advantage ?
  
  3 0
Saturday 29th January 2011 22:39 GMT Dr. Vesselin Bontchev

USB functionality

There is no need to disable the ability to access the USB. It is enough to disable Autorun and Autoplay.

0 0