LinkBack URL
About LinkBacks
Reply With QuoteRabbieBurns (1st February 2009)
Been discussing this with a colleague and wonder if the U3 or similar drive managed to install it's launcher on the PC - so that it ws able to run later - and appeared (to XP) to be running from the PC rather than the drive? Just a thought - as I can't see any way that it can get booted up without Autorun. (I've designed numerous applications over the last few years to make startup as easy as possible from removables but without 'injecting' a launcher or autorun I still can't see a way it can be done).Originally Posted by flyinghaggis
On the vexed question of USB and security - as you may know this is our speciality - so again I will try to tread carefully. Please tell me if you dont find this helpful and I will desist straight away!
I know it's not easy to preserve a good level of security and keep the convenience and flexibility of allowing removable memory devices to be used. As Geoff says there are a lot of considerations and some real 'gotchas'.
The reason we have concentrated a lot of developement on this area is that there seems to be many schools - a majority of schools as far as I can tell - who want or need both.
We have achieved this in numerous schools over the last three years or so but again as Geoff points out the problems are becoming more complex as the BECTA requirements etc require higher security and Impact Level labelling etc. making the problems very different when a student / pupil is logged in from when a staff member is.
In the latter case the prime need (in my understanding) is to enure that data leaving is encrypted and is auditable (and that everyone knows that) - while with the pupils it's principally to prevent the kind of problems we've been discussing here (exes / autorun etc) and the bringing in - or taking out - of MP3s and other copyright stuff.
It seems to me that every school is a little (or a lot) different in its needs and emphasis - and I'm constantly amazed at the diversity!
You will no doubt have gathered that we have not given up on the quest (for the best of both worlds) - far from it. But I am keen to know what the key people on the frontline are thinking and how they plan to meet these challenges.
Not sure I can help with arguments to persuade SMT to up the Araldite budget (kidding) but otherwise I might be able to help a bit here and there!
It's the status quo. Way back when we removed floppy/CD drives. It's just a continuation of that policy.
Generally it's disabled in the bios apart from select PCs (Offices/Staffroom). Basically anywhere there isn't going to be unsupervised pupils.
One thing to try, make a blacklist hash of the autorun.inf exe it calls.
I have a u3 stick so when I get back we can see if the hash blocks it or if each stick/manufacturer has a custom build of the exe.
The 'official' U3 removal is here Bring the power of portable software to your USB flash drive - make it a U3 smart drive!
We actually intentionally gave out USB sticks this year to our students that were formatted in this way - it means that I know they have and can't delete certain information [forms, handbooks, etc] (and as a bonus to them they have storage space for their academic work)
RabbieBurns (1st February 2009)
Latest Sophos Anti-virus has Application Control which stops all kinds of Nasties like this. Works very well, judging by the reports I get from Sophos. Stops all these U3 type fiddles, games, iTunes, media players... and more!!
7&
Removed from my pen drive perfectly.. Thanks
Slightly off topic but this could also be a bit of a security issue with the Conficker infection doing the rounds at the moment. The partition and autorunning program may well be read only but I'd be a little worried that variations of this worm may be able to make use of that.
couldn't you use usbdlm to block all other drive letters except one that can be used for the usb memory stick in conjunction with ( assuming you have R2 ) to block autorun.info and exe's ( either or - or just both ) on the memory stick ( which you know will always load as that drive letter ( which you configured / set earlier using the usbdlm inf file ) due to usbdlm.
Sorry to drag up an old thread...
Actually no, it's people like you who buy it assuming its a normal flash drive who are annoying. U3's autoplay ability is excellent but people like you who buy it in a packet with the U3 logo never actually understood what it is. Then you're the first to moan about it and the next thing you know so is everyone else. Sandisk then get feedback that U3 is not popular and scrap it.
The potential of it was huge but because people like you didn't understand what you were buying it's been dumped.
For those moaning about the security aspects, its no more dangerous than a CD-rom that hasn't been completely disabled (and if you disabled it then why even have it in the machine?).
As someone said on page 2, they handed them to students so they could know for sure that students had copies of documents. This technology also had other uses - such as onboard storage of drivers for USB devices. It would have eliminated the need for M$ to have to include thousands of drivers with every version of Windows and then bloating your hard drive.
Didn't think about that last one huh.
I have a tool kit for those who wish to remove their U3 partitions - pm me your email and I'll be in touch. You can also install your own .iso images to the virtual CD too (which is just as dangerous as burning a CD before anyone comments).
Its not a problem that you've dragged up an old thread.Sorry to drag up an old thread...
Its your attitude it that's the problem.
If the subject was currrent then maybe some of your comments would be relevent and useful.
But the subject isn't current and your remarks aren't.
regards
Simon
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
