USB Drives: Is There A Way To Use Them Safely?

Рет қаралды 2,939

Күн бұрын

Q&A169: Flash drive safety, most physical pain we've been in, RSS feed sources being difficult, email aliasing, and more! Join our next Q&A on Patreon: / sr170-patron-q-99908355
Welcome to the Surveillance Report - featuring Techlore & The New Oil to keep you updated on the newest security & privacy news.
❤️ Support us on Patreon: / surveillancepod
💛 Support us on Liberapay: liberapay.com/surveillancereport
🪙 Monero: 46iGe5D49rpgH4dde32rmyWifMjw5sHy7V2mD9sXGDJgSWmAwQvuAuoD9KcLFKYFsLGLpzXQs1eABRShm1RZRnSy6HgbhQD
Sources: sr.url.lol/sources
00:00 Flash drive safety
06:24 most physical pain we've been in
10:10 RSS feed sources being difficult
15:10 email aliasing
Main Sites
Surveillance Report: www.surveillancereport.tech/
Odysee: odysee.com/@surveillancereport:2
PeerTube: apertatube.net/c/surveillance...
Techlore Website: techlore.tech
The New Oil Website: thenewoil.org/
#privacy #security #news

Пікірлер: 27

@YannickBo 4 ай бұрын

Put Q&A in the title please

@LaserFur 4 ай бұрын

I use USB sticks or USB drives to transfer files between a air gap work system and the internet connected system. USB sticks lack TRIM support. so they retain the files when files are deleted. So you have to wipe them, but lately they fail with a wipe. So it's time to bring it to the anvil and smash it. I've had better luck with Flash Blu drives and also partitioning them so that the wipe only has to be applied to a smaller area. I also look for drives that lack the ability to update the USB stick controller. One thing to look for is drives that come with software in a folder since those are strangely safer once the folder is deleted.

@Riclaval 3 ай бұрын

couldn't you clear the wipe by loading new redundant files like videogames onto them?

@LaserFur 3 ай бұрын

@@Riclaval writing files on to the USB stick is the same as a wipe, but the stick's endurance fails and the write stops. The wipe software really is just writing a large random file to the drive.

@fangzhou3235 4 ай бұрын

There are/were flash drive with read-only switch. Another way is use SD card with a USB card reader, the cards has read only switch.

@zedvee2668 4 ай бұрын

That’s a creepy question, I would not have answered it.

@Parakeet-pk6dl 4 ай бұрын

I'm wondering if Reddit not accessible through a VPN is something US specific as I'm using Reddit everyday running IVPN.

@William0271 4 ай бұрын

I can't access it through US or Canadian VPN endpoints. Never tried other places

@Parakeet-pk6dl 4 ай бұрын

As far as I tried, it works through all European servers. I'm switching servers regularly and I've never encountered any problem.

@surveillancereport 4 ай бұрын

It's when you're not signed in. If you're signed in, it doesn't care. If you're not signed in, it blocks you on most servers. -Nate

@TiagoTiagoT 4 ай бұрын

Even with your own pendrives there's still the concern of supply-chain attacks. Not to mention all the fake drives with hacked firmware that get sold as legit all the time; it's just a matter of time before someone figures out a cheap way to do more than (just) announce fake drive capacity.

@craven3190 4 ай бұрын

I use hide my email from Apple and Proton Pass to create aliases and never had an issue.

@timmerk7363 4 ай бұрын

I have the same problem with RSS, it's so common that personally it is one of the main reasons why I don't use any RSS reader. If I need to open my Browser anyway, I can just bookmark the sites.

@TiagoTiagoT 4 ай бұрын

I actually once had the anti-virus on my pc prevent a virus infection when my brother plugged the phone onto my computer to charge. That was ages ago though, I think it might've been before Android. I have no idea how the virus got in the phone in the first place. Possibly one of those bluetooth vulnerabilities that show up once in a while; hell, I even once received a virus via bluetooth on my Nokia 3650; it wasn't fully auto-executing though, it did had to show a prompt asking to install (I think it pretended to be an updated from the carrier, I don't remember much details, not sure), so there was a small social engineering factor there; I did keep the file and later analyzed with my computer's antivirus, and yep, it was a virus targeting Symbian phones; so yeah, bluetooth and mobile phones don't got the best security track records when it comes to malware.....

@kentaviousaurelius 4 ай бұрын

Do websites know if someone fetching their contents? If they know could they see your ip address?

@Zenoff64 4 ай бұрын

If you access a website, they see your IP address unless you're using a VPN. If they see abnormal traffic coming from a specific IP they'll likely know someone it doing something.

@themroc8231 4 ай бұрын

I always thought desktop environments should offer the option to prompt for the user password before mounting any external storage device. Sure, it's not a definitive solution to anything, but at least it would allow you to make sure no one can copy code from an unatended computer (and yes, i know you should not leave a computer logged in and unatended)

@gblargg 4 ай бұрын

You don't even know what type of USB device the apparent flash drive is. It could be a hub with a keyboard, mouse, and flash drive.

@themroc8231 4 ай бұрын

@@gblarggIf you need to mount it you know it's a storage device.

@gblargg 4 ай бұрын

@@themroc8231 Or a hub with a storage device on it, AND a keyboard, mouse, etc.

@TiagoTiagoT 4 ай бұрын

If you're plugging your stick on someone else's computers, you're plugging it on all the other computers other sticks that have been plugged there have been.

@casraf 4 ай бұрын

RSS thing is definitely source - some websites will put up the full content, some will truncate so you give them clicks. I am sure there are some readers that can fetch the content for you and dump it in a more readable way (and if not, I'm already working on an RSS reader, might as well think about adding that as well)

@bionicbison05 4 ай бұрын

NetNewsWire on iOS and macOS has a convenient reader button that loads the full webpage in reader mode and seamlessly replaces the content of the preview window with the full content. It’s very nice.

@CedroCron 4 ай бұрын

I own multiple domains that won't be accepted at certain sites for e-commerce etc. I don't do business there, same as the sites that won't accept VPN. Their choice not to accept my dollars because of their stupidity.

@izerpizer 4 ай бұрын

10:10 I think you are conflating RSS with Atom. The RSS 2.0 spec does not necessitate that the full article be included.

@pepeshopping 4 ай бұрын

USB drives risky? Define “safe” and at least describe the mechanisms for them to be “risky”! Just inserting a USB drive will NOT infect a computer! (Auto run of external devices is disabled by default). Yes. A sketchy, unknown, compromised USB device may have an HID interface to emulate a keyboard, but that’s why you do not use unknown devices AND have proper AV and firewall running. As a rule of thumb: -Infection can only happen if you do open/execute a binary stored in the drive. -If you leave it plugged-in and reboot the computer. Depending on BIOS BOOT settings, it can try to boot from the USB drive and if infected with a boot/UEFI or root kit malware, they got you.