After collaring a woman who got past security at Mar-a-Lago (described by Chris Hayes as President Donald Trump's "bribery palace") the Secret Service found a USB drive in her possession. So they stuck it in a computer to see what was on it.
From the Miami Herald:
Secret Service agent Samuel Ivanovich, who interviewed Zhang on the day of her arrest, testified at the hearing. He stated that when another agent put Zhang’s thumb-drive into his computer, it immediately began to install files, a “very out-of-the-ordinary” event that he had never seen happen before during this kind of analysis. The agent had to immediately stop the analysis to halt any further corruption of his computer, Ivanovich said. The analysis is ongoing but still inconclusive, he testified.
Experts say don't do that.
Jake Williams, founder of Rendition Infosec and former NSA hacker, criticized the agent’s actions “threatened his own computing system and possibly the rest of the Secret Service network." ...
Williams said the best way to forensically examine a suspect USB drive is by plugging the device into an isolated Linux-based computer that doesn’t automatically mount the drive to the operating system.
“We would then create a forensic image of the USB and extract any malware for analysis in the lab,” he said. “While there is still a very small risk that the malware targets Linux, that’s not the normal case.”
Motherboard has obtained and published a copy of the forensics report that suggests that Jeff Bezos's phone was hacked by Prince Mohammad Bin Salman Al Saud, possibly in a scheme to obtain kompromat that could be used as leverage to prevent the Washington Post of reporting on the death of Jamal Khashoggi, who was murdered […]
[Yesterday, we published my review of Tim Schwartz's new guide for whistleblowers, A Public Service: Whistleblowing, Disclosure and Anonymity; today, I'm delighted to include this generous excerpt from Schwartz's book. Schwartz is an activist whom I've had the pleasure of working with and I'm delighted to help him get this book into the hands of […]
In A Public Service, activist/trainer Tim Schwartz presents the clearest-ever guide to securely blowing the whistle, explaining how to exfiltrate sensitive information from a corrupt employer -- ranging from governments to private firms -- and get it into the hands of a journalist or public interest group in a way that maximizes your chances of making a difference (and minimizes your chances of getting caught).
Paralysis by analysis. It’s the phenomenon that happens when you’re so stuck on thinking through all the ramifications of your actions that you don’t actually take action in the first place. That can happen with all this free time you’re spending stuck inside your house. With literally every home-bound option available to you, it’s easy […]
At this point, it’s every single person’s responsibility to reduce their own carbon footprint and transition to a more sustainable lifestyle. But if you consider the grim fact that the biggest culprit of greenhouse gas emissions from human activities in the U.S. is burning fossil fuels for electricity, things, like pivoting to metal straws and […]
Companies that don’t have their own in-house design teams (which means 99 percent of all companies these days) face lots of serious questions. Among those questions is how you keep up with all the design requirements of a 21st-century company without the personnel. It isn’t just a website or an annual product catalog anymore. It’s […]