malware in digital photo frames infects users computers
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sun Jan 27 18:50:00 EST 2008
John Ioannidis <ji at tla.org> writes:
>Alex Alten wrote:
>> Great. What next? I guess air-gap transfer of flash memory might be
>> the best solution.
>>
>> Malware's new infection route: photo frames
>> http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2008/01/26/MNE7UHOOQ.DTL
>
>For starters, you can turn off the "feature" that auto-runs code from the
>inserted media.
"And if thine eye offend thee, pluck it out".
It's not that easy. Windows relies on autoplay for software installs (that
is, it's intended use is to automatically run the installer when you insert a
software CD). Turning this off is probably going to cause an avalanche of
user support calls when their software "stops working".
It is possible to turn off autoplay just for USB devices through an obscure
registry hack, but this may turn off automatic handling of your digital camera
(and scanner, and ...) as well. In other words when you plug in your digital
camera to copy photos across, nothing happens, and the camera isn't recognised
by Windows (I've seen this happen when you turn off the Still Image Service,
there's no way to access your camera any more).
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list