14 December 2016

Don't leave your office computer on and unattended

As reported by Vice's Motherboard column:
Next time you go out for lunch and leave your computer unattended at the office, be careful. A new tool makes it almost trivial for criminals to log onto websites as if they were you... the new $5 tool called PoisonTap... can even break into password-protected computers, as long as there’s a browser open in the background...

“It’s entirely automated. You plug it in, you leave it there for a minute, then you pull it out and you walk away,” Kamkar told Motherboard in a phone call. “You don’t even need to know how to do anything.” 

Not all hope is lost though. To prevent someone from hijacking your accounts with PoisonTap, the best solution is to “fill your USB ports with cement,” Kamkar says laughing. 
Details at the link.

4 comments:

  1. so don't let your browser keep your passwords for you and don't say logged on. And if you want to disable your usb ports permanently, use epoxy, not cement.

    ReplyDelete
  2. Here's an invention: an app plus usb stick that super locks the computer if pulled out w/out password first. Like temporary cement.

    ReplyDelete
  3. I leave my computer with the browser open to this blog. Never have had a problem.

    ReplyDelete
  4. There's also the old Rubber Ducky, which looks like a USB drive, runs invisibly, and can be programmed to copy all passwords from the computer drive and erase all mention of its existence from the computer's registry 15 seconds after being plugged in.

    How-to on youtube...

    Stay safe everyone! :\

    ReplyDelete