
U3 USB Stick (In-)Security
Q2/2007 by Martin Suess, martin.suess@csnc.ch
USB sticks with the U3 feature threaten the security of workstations and of the enterprise infrastructure.
A technical analysis of the U3 technology on USB sticks, with mitigation approaches for personal use as well as for enterprises.
Introduction
USB memory sticks can be found almost everywhere. Today they can be seen as the replacement for floppy disks, ZIP drives and similar media. Nearly unnoticed, many of today's memory sticks carry the two characters "U3" in a symbol on the back. What is the difference from old-fashioned USB sticks? Do they bear any risks?
The U3 Technology
A U3 USB stick looks like a normal USB memory stick at first sight. In addition, it emulates a CD-ROM drive with around 6 MB of space. Any computer will therefore recognize both a USB disk drive and a USB CD-ROM drive when the stick is plugged in.
The U3 technology was developed by U3 [1], a joint venture of SanDisk and other memory vendors. U3 was created so that Windows applications and their configurations are always ready to run from a USB stick. Applications that are enabled to run from a USB stick are called "Portable Applications".
U3-capable USB sticks contain a LaunchPad.zip, a LaunchU3.exe and an autorun.inf file. When the stick is plugged in, the Windows autostart feature reads the autorun.inf file, as it does on other CD/DVD-ROMs, and starts the U3 launcher application. The U3 LaunchPad emulates a Windows-like start menu and controls the installation and program start of portable applications. The host system does not have to be modified, because the autorun feature for CD/DVD drives is enabled by default on Windows. The application started by the autostart feature runs with the privileges of the current user.
Applications may access local files and registry information, but these modifications are removed when the stick is ejected properly.
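To see exactly what the autostart feature would execute from such a stick, the following added example (not code from the article or from U3) parses an autorun.inf the way the Windows INI lookup reads it and reports the program behind open=, shellexecute= and the default shell verb. The sample autorun.inf is constructed here and only modeled on the file name LaunchU3.exe mentioned above; the "-a" switch and the "cruzer" verb are placeholders, not the real U3 values.

```python
"""Parse an autorun.inf and report what the Windows autostart feature would run."""
import re
from typing import Dict, Optional

# Constructed sample shaped like a launcher autorun.inf. The switch "-a" and
# the verb "cruzer" are placeholders, not copied from a real U3 stick.
SAMPLE_AUTORUN_INF = """\
[AutoRun]
; constructed sample, not a real U3 autorun.inf
open=LaunchU3.exe -a
icon=LaunchU3.exe,0
action=Run U3 Launchpad
shell\\cruzer=Open U3 Launchpad
shell\\cruzer\\command=LaunchU3.exe -a
shell=cruzer
"""


def parse_autorun(text: str) -> Dict[str, str]:
    """Key/value pairs of the [autorun] section, keys lower-cased.

    Section and key names are matched case-insensitively and the first
    occurrence of a key wins, as with the Windows profile-string API.
    Lines outside [autorun] and ';' comment lines are ignored.
    """
    entries: Dict[str, str] = {}
    in_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        header = re.match(r"^\[(.*)\]$", line)
        if header:
            in_section = header.group(1).strip().lower() == "autorun"
            continue
        if not in_section or "=" not in line:
            continue
        key, _, value = line.partition("=")
        entries.setdefault(key.strip().lower(), value.strip())
    return entries


def executable_of(command_line: str) -> str:
    """Program part of a command line: '"a b.exe" /x' -> 'a b.exe'."""
    command_line = command_line.strip()
    if command_line.startswith('"'):
        end = command_line.find('"', 1)
        return command_line[1:end] if end > 0 else command_line[1:]
    return command_line.split()[0] if command_line else ""


def autostart_actions(text: str) -> Dict[str, Optional[str]]:
    """Summarize the autostart targets: open=, shellexecute=, and the command
    behind the default verb named by shell=<verb>."""
    entries = parse_autorun(text)
    verb = entries.get("shell")
    verb_cmd = entries.get(f"shell\\{verb}\\command") if verb else None
    return {
        "open": entries.get("open"),
        "shellexecute": entries.get("shellexecute"),
        "action": entries.get("action"),
        "default_verb": verb,
        "default_verb_command": verb_cmd,
        "program": executable_of(entries.get("open") or entries.get("shellexecute") or verb_cmd or ""),
    }


if __name__ == "__main__":
    for key, value in autostart_actions(SAMPLE_AUTORUN_INF).items():
        print(f"{key:22} {value}")
```

Run it against the autorun.inf copied from the emulated CD-ROM drive of a stick to see which binary the LaunchPad chain starts; the "program" entry is the file worth hashing and inspecting before the stick is allowed on a workstation.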
Windows stores some information in the registry for every USB device that is plugged in, under the following registry key:
HKEY_LOCAL_MACHINE\System\
CurrentControlSet\Enum\USB
But wait a second, ...
...you can also use the Windows autostart feature with a normal USB stick, so what's the big deal?
To automatically start an application from a normal USB stick, the Windows registry has to be changed (described later in this article). By default, Windows only autostarts from CD/DVD-ROMs. Since U3 sticks emulate a CD-ROM, the application is started by default.
In short, a Windows system has to be modified to allow autostart from removable devices, but it also has to be modified to deny autostart from CD/DVD drives.
By the way: the autostart feature does not work on Windows XP/2000 when the screen is locked.
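The per-drive-type switch behind this is the NoDriveTypeAutoRun policy value. The added example below (my code, not the article's) decodes that bitmask, shows the weak default beside a hardened value, renders a .reg file that applies it, and reads the live value when run on Windows. The value name, registry path and bit layout are the documented Windows policy; the Windows XP default 0x91 is stated as a known fact. One caveat: with that default the removable-drive bit is clear as well, so this value alone is not what stops a normal stick from auto-executing; it is the coarse switch which, set to 0xFF, also covers the CD-ROM drive a U3 stick emulates.

```python
"""Decode and harden the NoDriveTypeAutoRun policy that gates Windows autorun per drive type."""
from typing import Dict, List, Optional

# Documented bit layout of the DWORD NoDriveTypeAutoRun under
# HKLM (or HKCU)\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer.
# A set bit disables autorun for that drive type.
DRIVE_TYPE_BITS: Dict[str, int] = {
    "unknown": 0x01,
    "removable": 0x04,     # the disk part of a USB stick
    "fixed": 0x08,
    "network": 0x10,
    "cdrom": 0x20,         # includes the CD-ROM drive a U3 stick emulates
    "ramdisk": 0x40,
    "unrecognized": 0x80,
}
XP_DEFAULT = 0x91          # unknown, network and unrecognized disabled
DISABLE_ALL = 0xFF
POLICY_PATH = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"


def autorun_allowed_for(value: int) -> List[str]:
    """Drive types whose bit is clear, i.e. still allowed to autorun."""
    return [name for name, bit in DRIVE_TYPE_BITS.items() if not value & bit]


def harden(value: int, disable=("cdrom", "removable")) -> int:
    """Return the value with the given drive types switched off; other bits unchanged."""
    for name in disable:
        value |= DRIVE_TYPE_BITS[name]
    return value


def reg_file(value: int, hive: str = "HKEY_LOCAL_MACHINE") -> str:
    """Render a .reg file (CRLF, as regedit writes it) that sets the policy;
    apply with 'reg import policy.reg' from an elevated prompt."""
    return (
        "Windows Registry Editor Version 5.00\r\n\r\n"
        f"[{hive}\\{POLICY_PATH}]\r\n"
        f'"NoDriveTypeAutoRun"=dword:{value:08x}\r\n'
    )


def read_current(hive_name: str = "HKEY_LOCAL_MACHINE") -> Optional[int]:
    """Read the live value on Windows; None off Windows or when the value is unset."""
    try:
        import winreg
    except ImportError:
        return None
    try:
        with winreg.OpenKey(getattr(winreg, hive_name), POLICY_PATH) as key:
            value, kind = winreg.QueryValueEx(key, "NoDriveTypeAutoRun")
    except OSError:
        return None
    return int(value) if kind == winreg.REG_DWORD else None


if __name__ == "__main__":
    current = read_current()
    value = XP_DEFAULT if current is None else current
    print(f"current  0x{value:02x}: autorun allowed for {autorun_allowed_for(value)}")
    print(f"hardened 0x{harden(value):02x}: autorun allowed for {autorun_allowed_for(harden(value))}")
    print(reg_file(harden(value)))
```

Explorer reads the policy at logon, so log off and on again after importing the .reg file. Setting the machine-wide value to 0xFF is the simplest enterprise baseline; the per-type form is for environments that still need autorun from real optical media.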
Modifications
The Official Way
The vendors of the USB sticks offer updater applications that update the emulated CD-ROM area of the U3 stick. In the case of SanDisk, the updater is named LpInstaller.exe and fetches the most recent ISO file, cruzer-autorun.iso, from the SanDisk website. The content of the CD-ROM area is then replaced with the files contained in the ISO file.
Pimp my USB Stick
Before the SanDisk updater downloads the ISO file, it looks for the ISO locally in the folder the updater was started from. A customized ISO can therefore be placed on the stick by putting the desired content into an ISO named exactly like the official one. The ISO must not exceed 6'291'456 bytes in size in order to work.
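Whether you are building such a replacement image or auditing the CD-ROM area of a stick that came in the door, the checks worth running before the updater sees the file are the same: the size limit stated above (6'291'456 bytes is exactly 3072 sectors of 2048 bytes), a valid ISO 9660 primary volume descriptor at sector 16, and an AUTORUN.INF in the root directory, since without it nothing autostarts. The following added example (my code, not from the article or from SanDisk) implements those checks with a small ISO 9660 root-directory parser; the minimal image writer is constructed only so the check runs offline, and the file contents in it are placeholders.

```python
"""Check a replacement ISO for the U3 CD-ROM area: size limit, ISO 9660
primary volume descriptor, and an AUTORUN.INF in the root directory."""
import struct
from typing import Dict, List

SECTOR = 2048
PVD_SECTOR = 16
MAX_ISO_SIZE = 6_291_456   # limit from the article: exactly 3072 sectors


def _both(value: int, width: int) -> bytes:
    """ISO 9660 'both-byte-order' field: little-endian followed by big-endian."""
    fmt = {2: "H", 4: "I"}[width]
    return struct.pack("<" + fmt, value) + struct.pack(">" + fmt, value)


def _dir_record(name: bytes, extent: int, size: int, is_dir: bool) -> bytes:
    """One ISO 9660 directory record (34 bytes for a one-byte name)."""
    body = (b"\x00" + _both(extent, 4) + _both(size, 4) + bytes(7)
            + (b"\x02" if is_dir else b"\x00") + b"\x00\x00" + _both(1, 2)
            + bytes([len(name)]) + name)
    rec = bytes([len(body) + 1]) + body
    return rec + b"\x00" if len(rec) % 2 else rec   # records have even length


def build_iso(files: Dict[str, bytes]) -> bytes:
    """Constructed minimal single-directory ISO 9660 image (no path tables,
    no Joliet), only so the check below can run offline on realistic input."""
    root_sector = PVD_SECTOR + 2                    # PVD, terminator, root dir
    records = [_dir_record(b"\x00", root_sector, SECTOR, True),
               _dir_record(b"\x01", root_sector, SECTOR, True)]
    data, sector = b"", root_sector + 1
    for name, content in files.items():
        records.append(_dir_record(name.upper().encode() + b";1", sector, len(content), False))
        padded = content + bytes(-len(content) % SECTOR)
        data, sector = data + padded, sector + len(padded) // SECTOR
    root = b"".join(records)
    assert len(root) <= SECTOR, "example writer supports one directory sector"
    root = root.ljust(SECTOR, b"\x00")
    pvd = bytearray(SECTOR)
    pvd[0:7] = b"\x01CD001\x01"
    pvd[40:72] = b"U3 CUSTOM".ljust(32)
    pvd[80:88] = _both(sector, 4)                   # volume space size
    pvd[120:128] = _both(1, 2) + _both(1, 2)        # volume set size, sequence no.
    pvd[128:132] = _both(SECTOR, 2)                 # logical block size
    pvd[156:190] = _dir_record(b"\x00", root_sector, SECTOR, True)
    terminator = b"\xffCD001\x01".ljust(SECTOR, b"\x00")
    return bytes(PVD_SECTOR * SECTOR) + bytes(pvd) + terminator + root + data


def list_root(iso: bytes) -> List[str]:
    """Names in the root directory, ';1' version suffix stripped."""
    pvd = iso[PVD_SECTOR * SECTOR:(PVD_SECTOR + 1) * SECTOR]
    if pvd[0:6] != b"\x01CD001":
        raise ValueError("no ISO 9660 primary volume descriptor at sector 16")
    extent = struct.unpack_from("<I", pvd, 156 + 2)[0]
    length = struct.unpack_from("<I", pvd, 156 + 10)[0]
    directory = iso[extent * SECTOR:extent * SECTOR + length]
    names, pos = [], 0
    while pos < len(directory):
        rec_len = directory[pos]
        if rec_len == 0:              # zero padding: skip to the next sector
            pos = (pos // SECTOR + 1) * SECTOR
            continue
        name_len = directory[pos + 32]
        name = directory[pos + 33:pos + 33 + name_len]
        if name not in (b"\x00", b"\x01"):           # skip '.' and '..'
            names.append(name.decode("ascii", "replace").split(";")[0])
        pos += rec_len
    return names


def check_replacement_iso(iso: bytes) -> List[str]:
    """Problems found; an empty list means the image passes all checks."""
    problems = []
    if len(iso) > MAX_ISO_SIZE:
        problems.append(f"{len(iso)} bytes exceeds the {MAX_ISO_SIZE} byte limit")
    try:
        names = list_root(iso)
    except ValueError as err:
        return problems + [str(err)]
    if "AUTORUN.INF" not in names:
        problems.append("no AUTORUN.INF in the root directory, nothing would autostart")
    return problems


if __name__ == "__main__":
    image = build_iso({"autorun.inf": b"[autorun]\r\nopen=LaunchU3.exe\r\n",
                       "LaunchU3.exe": b"MZ placeholder"})
    print(list_root(image), check_replacement_iso(image) or "OK")
```

For a real image, pass the bytes of cruzer-autorun.iso (or the customized file of that name) to check_replacement_iso; list_root is also a quick way to compare the root directory of a stick's CD-ROM area against the vendor's official ISO.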