Re: Banking security loophole ?
- From: Mogga <di@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 13 May 2007 09:45:05 +0100
On Sun, 13 May 2007 08:50:09 +0100, "Paul Nutteing (valid email
address in post script )" <nutteing@xxxxxxxxxxxxxxx> wrote:
Mogga <di@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1gfd435iqf239u3a6h8hrdpmffi1317nqh@xxxxxxxxxx
On Sat, 12 May 2007 22:48:06 +0100, "Paul Nutteing (valid emaill
address in post script )" <nutteing@xxxxxxxxxxxxxxx> wrote:
Seeing this prog
http://www.bbc.co.uk/pressoffice/pressreleases/stories/2007/03_march/23/key
loopholeogger.shtml
"A BBC South Inside Out investigation has revealed how an alarming
in security allowed a six-year-old to hack into the highly sensitive
computer system at the House of Commons. ..."
a couple of months back was in my mind
when I went to my building society this week.
New fangled flat screen computer monitors.
With what to me look like 2 USB ports
on the edge of the monitor that
I could have easily plugged something
in employing just marginal distraction.
Assuming I disguised the thumb-stick to
match the surround so unlikely to be spotted
and retreived a week later .
Would just the act of plugging some
active thumbstick gizmo into a monitor
be all thats required to obtain a weeks worth
of screen contents?
Would depend what the gizmo was. I'm sure the average 6 year old could
plug one in though.
--
http://wwww.orderonlinepickupinstore.co.uk
Ah fetch it yourself if you can't wait for delivery
http://wwww.freedeliveryuk.co.uk
Or get it delivered for free
The BBC/MP investigation of course did not go into
detail of what was in the gizmo.
All the kid had to do was have a few seconds
clear (cleaners etc have hours) and recognise
the back of a pc and a USB port and loose the
keyfob sized gizmo in the rat's nest of wires.
She did not have to know a password or
type in anything to activate or introduce a
Trojan via floopy drive or anything.
Then a few days later just unplug it.
I don't know whether these BS monitor's
USB ports are functionally the same as the ones on
the main body of a pc.
Just a 'customer's' arm length away.
I assumed there was some knowledgable
computer expert on this board.
The only difference being that if the device drains a lot of power
it'll turn your monitor off.
On one of my monitors I could stick a usb key sized device there and
not see it from the front.
Adding something normally triggers a windows noise and an indicator
that something is now available. Whether staff would notice this or
not is another matter.
A secure system though should take this potential for disaster into
account... but if they're using windows then it's constantly needing
new updates for security.
I'd assume that it could be possible to disable ports on a monitor -
or that other security measures should be in place to prevent programs
from running automatically.
I think more info will continue to be lost by staff taking laptops
home and leaving them on the tube etc.
--
http://wwww.orderonlinepickupinstore.co.uk
Ah fetch it yourself if you can't wait for delivery
http://wwww.freedeliveryuk.co.uk
Or get it delivered for free
.
- Follow-Ups:
- Re: Banking security loophole ?
- From: Mikey
- Re: Banking security loophole ?
- References:
- Banking security loophole ?
- From: Paul Nutteing (valid email address in post script )
- Re: Banking security loophole ?
- From: Mogga
- Re: Banking security loophole ?
- From: Paul Nutteing (valid email address in post script )
- Banking security loophole ?
- Prev by Date: Re: Bankrupt Barrister?
- Next by Date: Re: AA - automatic renewal of insurance
- Previous by thread: Re: Banking security loophole ?
- Next by thread: Re: Banking security loophole ?
- Index(es):
Relevant Pages
|
