Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
reconsidering physical security: pod slurping
From: Abe Usher (abe.ushersharp-ideas.net)
Date: Sun Jun 12 2005 - 22:37:00 CDT
I've written a report that explores an idea that has been known by the
security community for decades: physical security is important to
information system security.
A year ago a report was published by the Gartner Group warning that
iPods <http://www.apple.com/ipod/> (and other multi-gigabyte portable
storage devices) pose a security risk for enterprises
created an application (*slurp.exe*) that demonstrates this concept.
When the program is run from an iPod, it can __very__quickly__ copy
thousands of interesting files* from a PC to an iPod.
The full article and proof-of-concept application are available at:
Abe Usher, CISSP
* Office documents, *.pdf,*.xml, *.dbf, *.log, *.dat, *.txt, *.csv,
*.htm, *.url, et cetera