iPod…you pod…we can all slurp with iPod…

I read with interest the story about stealing data easily using iPods with a tool a security guy created. I received a 60 GB iPod for Christmas; I can certainly see how an organization’s most valuable and sensitive data could be slurped out without any knowledge of the company. I did an information check of a few of my security practitioner buddies at some very large multinational organizations. One thought all the USB ports on the desktop computers had been removed, but she did a quick check…of the desktops being used by the contracted staff…and found they ALL had active USB ports on them. Supposedly the tool the security guy created is not designed to download actual files, only report how many it found. However, how trivial would it be for an IT dude to write a simple script to find and download the files? I’ve accidentally copied files into my iTunes before, and it recognized them with the extensions renamed to look like MPEG files. Hmm…

Technorati Tags




Leave a Reply