Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: redjge
« on: 27. October 2009., 19:35:13 »

thumb drives that will have those multiple layer of security may become too bulky.
Posted by: F3RL
« on: 27. October 2009., 12:31:05 »

Good reading ;) Though, just use Sandboxie or something that should do the job of fingerprint scanning etc.
Posted by: bobbintb
« on: 26. October 2009., 15:29:13 »

oh thank god. i hate that we cant use those things.
Posted by: Samker
« on: 26. October 2009., 08:03:39 »



U.S. Military Expected To Permit Some Thumb Drive Use Again.

After being banned almost a year ago as bug-infested cyber threats, thumb drives may soon be allowed to plug back into U.S. Defense Department computers and networks.

But not all thumb drives. And not for all computer users, according to Pentagon officials and industry sources.

Thumb drives were banned in November 2008 after thousands of military computers and networks became infected by worms, viruses and other malicious software. Many of the infections were traced to thumb drives, which acquired malicious software from computers or the Internet and passed them on.

The ban has been a major hassle for many who came to rely on thumb drives.

Aircraft and vehicle technicians weren't hauling around tech manuals; the manuals were stored on thumb drives, said Tom Conway, director of federal business development at computer security company McAfee.

Medical records of wounded troops were sometimes stored on thumb drives and accompanied patients from field hospitals in Iraq to Germany and on to the United States, Conway said.

Pilots used thumb drives to transfer mission plans from operations rooms to aircraft computers. And thousands of others used thumb drives to store, share and transfer photos, briefings, videos, PowerPoint presentations, maps, documents and all kinds of other digital data.

The drives are tiny - thumb-size - but can carry enormous amounts of data, and are inexpensive, reusable and ubiquitous. And most are completely unprotected.

"Up until a year ago, we were using thumb drives all over the place," said Robert Carey, chief information officer of the U.S. Navy. He, too, used them. When he had to present a briefing, Carey said, he would copy it to a thumb drive and carry it to the briefing room. "Now I've got to burn a CD."

The ban wasn't confined to thumb drives. It also applied to memory sticks, flash memory cards, digital cameras, music players and personal digital assistants. But the thumb drive ban was the most inconvenient.

The drives were ideal for moving information, Carey said. "You can easily buy a 10-gigabyte thumb drive and, wow, you can plug it in, download data and carry it around." A 10GB drive can hold the equivalent of about 1,500 books.

In place of thumb drives and similar memory devices, the military urged troops to store information on military servers that are protected by firewalls and anti-virus software and secured by passwords.

This is effective at preventing malware infections, but not always convenient. For example, it's not always possible for troops aboard ships or on battlefields to get the network access necessary to retrieve large files.

Restrictions to Abound

Thumb drives still offer an attractive means to move information quickly, Carey said. So in the next 30 to 60 days, the Defense Department is expected to announce that thumb drives are back - in a limited way.

For starters, not everyone will be allowed to use them. Only "authorized individuals" are likely to be permitted to use thumb drives for "mission-essential functions," Carey said in a blog posting.

And the approved drives won't be like the thumb drives on sale at your local office supply store; they probably will be "government-owned and procured."

"The days of using personally owned flash media or using flash media collected at conferences or trade shows are long gone," Carey said.

"A whole lot of procedures are being developed" to govern the return of thumb drives, he said. "Issuance procedures, monitoring procedures, control procedures, it's all in progress."

A military "Removable Storage Media Tiger Team" is developing thumb drive policies for the U.S. Strategic Command, Carey said.

McAfee, which already provides anti-virus technology for about 7 million Defense Department desktops, laptops and servers, offers some advice: Only "trusted products" sold by "trusted suppliers" should be allowed, Conway said. And the trusted thumb drives should have multiple layers of built-in defense.

They should be able to scan data for viruses and other malware, as data is entering the drive and as it is exiting.

The drives should contain built-in encryption chips that convert everything on them to code that can be unencrypted only by a user with the correct password or the right fingerprint - or both.

The drives should also be made tamper-proof so that the information they contain self-destructs if anyone tries to defeat the encryption or disassemble the drive.

The Defense Department should also require that a unique serial number be assigned to each thumb drive. The number would enable network operators to set specific restrictions on what each drive will and won't be allowed to do, said Chris Parkerson, a removable media security manager at McAfee.

To make that work, though, the department would have to develop the capability to keep track of each thumb drive, and of who is using it and what that user is permitted to do with it.

Some of McAfee's recommendations might be too ambitious, Carey said. A system that can track and control what each thumb drive can do is probably beyond the reach of current technology, he said. And loading up a thumb drive with multiple defenses will drive up the cost.

Should thumb drives encrypt data? Yes, Carey said. Should they require biometric identification such as fingerprints? Possibly. "But every time you add a whiz-bang layer, it adds to the cost."

McAfee estimates that multiple layers of security could increase the cost of thumb drives by up to 80 percent.

The important thing is to ensure that thumb drives used in the future cannot transfer viruses to military computers and networks, Carey said. A big part of that won't come from technology, but from limiting thumb drive use, training users to follow security practices and conducting compliance audits, he said.

(DefenseNews)
Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising