Next time you go out for lunch and leave your computer unattended at the office, be careful. A new tool makes it almost trivial for criminals to log onto websites as if they were you... the new $5 tool called PoisonTap... can even break into password-protected computers, as long as there’s a browser open in the background...Details at the link.
“It’s entirely automated. You plug it in, you leave it there for a minute, then you pull it out and you walk away,” Kamkar told Motherboard in a phone call. “You don’t even need to know how to do anything.”
Not all hope is lost though. To prevent someone from hijacking your accounts with PoisonTap, the best solution is to “fill your USB ports with cement,” Kamkar says laughing.
14 December 2016
Don't leave your office computer on and unattended
As reported by Vice's Motherboard column:
so don't let your browser keep your passwords for you and don't say logged on. And if you want to disable your usb ports permanently, use epoxy, not cement.
ReplyDeleteHere's an invention: an app plus usb stick that super locks the computer if pulled out w/out password first. Like temporary cement.
ReplyDeleteI leave my computer with the browser open to this blog. Never have had a problem.
ReplyDeleteThere's also the old Rubber Ducky, which looks like a USB drive, runs invisibly, and can be programmed to copy all passwords from the computer drive and erase all mention of its existence from the computer's registry 15 seconds after being plugged in.
ReplyDeleteHow-to on youtube...
Stay safe everyone! :\