Slashdot Mirror


A Lot of People Carelessly Plug In Random USB Drives Into Their Computers (vice.com)

An anonymous reader writes: Scientists have proven that a lot of people will carelessly plug in a USB drive found on the ground, exposing themselves to potential infections from malware. The researchers dropped 297 USB flash drives on a university campus and saw that in 48% of the cases, people picked them up, plugged them in, and opened files from the drive on their computers. Should such people be mocked? Would you plug in a USB drive that you found on the ground? Bruce Schneier, an American cryptographer, computer security and privacy specialist makes a good point: People get USB sticks all the time. The problem isn't that people are idiots, that they should know that a USB stick found on the street is automatically bad and a USB stick given away at a trade show is automatically good. The problem is that the OS trusts random USB sticks. The problem is that the OS will automatically run a program that can install malware from a USB stick. The problem is that it isn't safe to plug a USB stick into a computer.

1 of 391 comments (clear)

  1. OS designers, not the customers are stupid. by gurps_npc · · Score: 5, Insightful

    1) Given: People will take a random USB stick and plug it into a computer.

    2) Conclusion: Only a moron will design an Operating system that automatically runs software on a USB stick. Any sane OS designer should declare all USB sticks to be suspect, and require an explicit confirmation before running any executable on it.

    The minimal convenience of having auto-run for USB drives is far over-ridden by the huge security leak.

    Design products for the people that will run it, not theoretical angels that will read and obey your instruction manuals - especially when they DO NOT COME WITH INSTRUCTION MANUALS anymore.

    --
    excitingthingstodo.blogspot.com