Podslurping made easy (don't try this at work)
We sort of think this is obvious, but computer security expert Abe Usher has published a proof of concept showing how
easy it is to swipe corporate data via "podslurping," using an iPod or other portable drive. Usher has posted an entry
on his blog that not only features detailed info about how podslurping works, but also includes a helpful podslurping
app for those who'd like to try it out. While the idea of grabbing data via iPod is nothing new — Gartner recommended
banning them from offices a year ago — Usher's posting is sure to set off a wave of panic among nervous execs who will
in turn hassle their IT managers, who will in turn hire high-priced consultants to come in and upgrade their network
security, which will in turn be broken by bored teenagers in Russia, which will be reported on by us and other blogs,
which will then be repeated by the mainstream media in a tone of nervous excitement, setting off a wave of panic among
nervous execs who will…

Reader Comments (Page 1 of 1)
lnk @ Dec 19th 2005 1:36AM
Let's start taking bets on when. $20 on the disgruntled employee in cube 5, in say, 8 months.
Chino Hollanda @ Dec 19th 2005 1:36AM
What's the fuss all about ..... back in the day you could save files on a floppy disk!
Those damn iPods aren't USB plug and play.
Ruari @ Dec 19th 2005 1:36AM
MORE REVOLUTION INFO LEAKED FROM PRIVATE RETAIL CONFERENCE! (VIDEO EVIDENCE!!!)
http://boards.ign.com/message.asp?topic=90522163&start=90522513
Hmm it's from ein_uk guy that had info or something on the controller... this is a major leak!
sth @ Dec 19th 2005 1:36AM
This is booooring - as #2 points out, copying files to an external device is anything but new, and naming the copy program "slurp.exe" doesn't make it more interesting either. Really lame, even requires being logged in (hello? security?) or booting from a CD (yawn)...
Now the REALLY neat stuff is using an iPod in Firewire mode to copy things via DMA directly from RAM without needing any login, plug & slurp so to say:
http://www.securityfocus.com/archive/1/379393/2004-10-24/2004-10-30/0
"IEEE1394 Specification allows client devices to directly access host memory, bypassing operating system limitations. A malicious client device can read and modify sensitive memory, causing privilege escalation, information leakage and system compromise. Any system with sensitive information or in an unsecured physical location, esp. public access systems, should re-evaluate their system security and consider additional physical security measures if they are equipped with "firewire" ports. These ports are sometimes also called "iLink" on some Sony models."
lupinstel @ Dec 19th 2005 1:36AM
Wow, it's like saving files... only cooler cuz it uses an iPod. I MUST get an iPod now so I can save files just like all the cool kids who beat me up.
SpoBo @ Dec 19th 2005 1:36AM
What's the fuss? Just disable the USB ports... it's an option in Windows XP... and if you need extra software you can always deny installers. And also, why does it have to be with iPods again? You can also PSPslurp data... or usbstickslurp data... or even budgetmp3playerslurp data.
KR @ Dec 19th 2005 1:36AM
Sorry, this sounds like another lame attempt by an anti-iPod group to dirty up a fine product. Why is only the iPod associated by name? Hello people, some jump drives have significant amounts of storage also, not to mention other mp3 players, organizers, cell phones, compact external hard drives, etc. This is ridiculous, a non-story.
Greg @ Dec 19th 2005 1:36AM
agree with #6.
plus, there are two simple things you can do to protect:
1. disable CD booting (and pwd protect BIOS setup)
2. People should leave computers running and just LOCK Windows, not shut down.
druja @ Dec 19th 2005 1:36AM
Friends, I must warn you about the threat of LaptopSlurping! Employees may connect these laptop computers to your network and take files and information home! Horror!
TIMMAH! @ Dec 19th 2005 1:36AM
This is nothing new. When the iPods first came out, people were using them to slurp software off of retail store demo machines.
redoc @ Dec 19th 2005 1:36AM
Dude, I was at work the other day and saw some interesting documents on the Intranet. Lucky for me I had my usb-powered printer with me. I hooked 'er up, and printerslurped ALL the good stuff. It was awesome.
Ken Westin @ Dec 19th 2005 1:36AM
It really amazes me sometimes how blind some admins are to this particular issue, when it really is not that difficult or expensive to protect your network from these devices,
http://www.centennial-software.com/
http://devicewall.centennial-software.com/
jonny quest @ Dec 19th 2005 1:36AM
What pisses me off is the fact that in the article they state that it's obvious if somebody is using an iPod at work that they are up to no good. That's the stupidest thing I've ever heard (and I've been to /.!). Possibly, could they be...like... listening to music?!?!?!