VP and their misunderstanding of the word "preflight"

[brownshoe]

Parchment and burnt stick, smartass....:icon_tong

What? No kidding! Did you guys actually have fire back then? :icon_wink

Steve

(All kidding aside... I'm old enough to have seen P2s at JAX when I attended "A" school.)

 

[TheBubba]

While I would love to trash NMCI any chance I get, I was not actually referring to it but other instances where viruses made it into systems due to poor practices by those utilizing the systems. And in many of those cases people using USB drives were directly at fault.

Those people would have infected their respective systems regardless of what transportable media they were using. If they'd only been able to find CD's that day, then NMCI would have banned CD's.

If you're going to ban USB devices on that account, then you need to ban all removable and transportable media. I can do just as much damage to a network with a CD, DVD, 3.5in floppy, zip drive or any other data storage as I can with a USB stick. Actually, I can do more damage with a DVD than I can with a USB stick. (Not saying that I will... I'd never do anything malicious to a computer network. Es No Bueno)

 

[Flash]

Those people would have infected their respective systems regardless of what transportable media they were using. If they'd only been able to find CD's that day, then NMCI would have banned CD's.

If you're going to ban USB devices on that account, then you need to ban all removable and transportable media. I can do just as much damage to a network with a CD, DVD, 3.5in floppy, zip drive or any other data storage as I can with a USB stick. Actually, I can do more damage with a DVD than I can with a USB stick. (Not saying that I will... I'd never do anything malicious to a computer network. Es No Bueno)

From what I know there is some extra vulnerability with USB sticks that you do not have with CD/DVDs, I'll leave it at that. As for banning all media, that is generally what is being done on some systems with a few specific exceptions. A royal pain in the ass for many but understandable given the possible damage.

 

[phrogpilot73]

From what I know there is some extra vulnerability with USB sticks that you do not have with CD/DVDs, I'll leave it at that.

Actually the vulnerability is well known. There are ways to prevent it, if you have knowledgeable people working for NMCI. Every time I deal with them I realize that's not the case.

 

[Flash]

Actually the vulnerability is well known. There are ways to prevent it, if you have knowledgeable people working for NMCI. Every time I deal with them I realize that's not the case.

I wasn't talking about NMCI and the problem largely has been fixed, finally.

 

[TheBubba]

Flash,

Are you referring to the fact that one can easily hide installed software on a USB stick? Specifically with the "auto-run" turned on, and unknowingly install a program, malicious or otherwise, on a computer or network? Or is there something else that I don't know?

 

[Flash]

Flash,

Are you referring to the fact that one can easily hide installed software on a USB stick? Specifically with the "auto-run" turned on, and unknowingly install a program, malicious or otherwise, on a computer or network? Or is there something else that I don't know?

Yes, I believe that is it. I am no computer expert but when we got the run-down on the issues with removable media I believe that was one thing that differentiated USB sticks from others.

I know that the DoD often does an incomplete job with computer security but with such a large and dispersed population of folks from CONUS to war zones it is hard to do some of even the more simple things across the board. Throw in service or theater-specific systems and SOPs and it gets messy really quick. That is why the 'big stick' or KISS approach makes more sense in many cases than smarter solutions. Not saying it is always right but it is what it is.