A Defensive Computing Checklist    by Michael Horowitz
HOME | About | Domain Names | VPNs | Rules of the Road | DC Presentation | ChangeLog | Stats |

USB FLASH DRIVES

Small USB flash drives (aka pen drives, aka USB sticks) can be surprisingly dangerous, both their software and their hardware.

SOFTWARE

Most defensive issues involve their software and this has a very simple solution: any new USB flash drive, whether purchased at retail or found lying on the floor, should be plugged in to a Chromebook running in Guest Mode. If the drive has malicious software, it should not infect the Chromebook (most malware targets Windows or macOS), and if it does infect something, exiting Guest Mode should wipe out the infection.

Better still, format the drive from the Chromebook to hopefully wipe out any possibly hidden software or files.

VALIDRIVE

For Windows users, Steve Gibson offers his free ValiDrive program. I highly recommend it. The program does three things

  1. It verifies that the flash drive is actually the size it says it is. There are many flash drives on the market (certainly sold at Amazon) that do not have the storage capacity they claim to have. This is a big scandal because these scam devices not only lie about their capacity, they also lie to the operating system about actually having written data.
  2. It runs speed tests for both reading and writing
  3. It verifies that 576 sections of the flash drive are perfectly functional for both reading and writing.

ValiDrive is a single EXE file, thus there is nothing to install and the program is portable.

HARDWARE

On the hardware side, the articles below show that a USB flash drive can both explode (when a person is the target of bad guys) or destroy the computer it connects with.

The first I had heard about exploding USB flash drives was in March 2023 as detailed in the articles below. As soon as the flash drive got power from the USB port in a computer, it exploded.

The defense here is a USB extension cord, preferably 6 feet or longer. Plug the cord into the flash drive and then stand far away from the flash drive when you plug the other end of the extension cord into a computer. Maybe even have a barrier between the flash drive and yourself. This is yet another reason to use a Chromebook for USB flash drives as they are, generally, cheaper than other computers. Then too, the below.

Other than avoiding anything but a brand new flash drive, the defense here, yet again, is a Chromebook. This time a very cheap one to serve as the sacrificial lamb, so to speak.

I first heard of the Malicious Cable Detector by O.MG in August 2023. It claims to detect all types of malicious USB cables. At the time, it sold for $40.

 

 This page: 6 views per day (over 673 days)   Total views: 3,818   Created: March 25, 2023
This Page
Last Updated

October 9, 2023
Site Page
Views TOTAL

 1,080,293
Site Page
Views TODAY

  253
Website by
Michael Horowitz
@defensivecomput
top
Copyright 2019 - 2025