Security risks of removable media (was: Offline Search?)
dragonhawk at gmail.com
Thu Jun 5 16:18:09 EDT 2008
On Thu, Jun 5, 2008 at 2:46 PM, Thomas Charron <twaffle at gmail.com> wrote:
>> Well, if we assume the computer is offline (which we've been asked
>> to do)... and the software isn't on the drive... what good is having
>> the search engine data going to do? :)
> Umm, I don't see that requirement anywhere in the thread. Did I
> miss something?
Well, the subject line, and the first sentence of the original post,
both mention "offline search". I finda figured that meant it needed
to work offline. I suppose one could insist on an offline search
despite being online, though that seems somewhat masochistic.
> Any sort of end user controlled exchange of files and/or data is
> also a big security risk.
I would think the OP can presumably trust himself to not steal his
own data from himself. In contrast, there actually *is* a huge
malware problem. It's not hypothetical. It also causes real damage.
(Example: Reportedly, the vast majority of spam comes from
>>> ... generally network attacks are exponentially more effective.
>> And even when the drives
>> themselves are clean, many people still expose themselves to
>> significant risk by using them on PCs that are already compromised.
> They put themselves at even greater risk just USING the compromised
You're missing the point. The very scenario under discussion is
carrying around removable media to use in arbitrary PCs. If you
want to state flat out that you shouldn't use untrusted PCs -- and to
me, that's an extremely smart idea -- then why are you carrying
removable media to use with the untrusted PCs?
 If the PCs were all trusted and under one's own control, one could
presumably just install the damn software and dispense with the
More information about the gnhlug-discuss