Feeds

Superphone system-CRACKING cable of DOOM ... is quite handy

MiniUSBs and common connectors are a sysadmin's best friend

Top 5 reasons to deploy VMware with Tegile

Thumbs up

Android, Windows Mobile, Symbian and RIM are all different. Here you can add “thumb drive” to the list; it was replaced by the humble MicroUSB cable. If your device has Wi-Fi and the administrator of the target network is lax enough to employ WEP or WPA, you own them...

Given the compute power available in modern superphones, cracking and joining said network is trivial. Android is a real threat here; the number of applications for the Linux ecosystem to do exactly this is staggering. With a modest amount of programming skill, cloud services such as Amazon’s EC2 make these sorts of tasks even easier.

For added fun and merriment, you can get USB 10/100 NICs that will – to varying degrees of success – work on many of these devices. Even if security won’t let you into the building with a notebook, the systems administrator has thwarted your removal of data via USB and there is no Wi-Fi to crack, you have a hardwired network node in the palm of your hand.

Phones are a great place to smuggle in MicroSD cards. My keychain has a MicroSD-to-USB reader that folds out of what looks for all the world to be a supermarket loyalty card. Left alone for just a few minutes with a target computer, I can boot it up into the Linux distro of my choice.

Having bypassed the operating system restrictions of the local systems administrator, I now can use one of those readily available MicroUSB cables to turn my phone into a tethered 3G modem. Suddenly I can funnel any information on the local hard drive (or any vulnerable information on the network) out through a VPN over my 3G to wherever I want.

As a systems administrator, this is terrifying. It has helped me though. I have recently found myself called in more than once to clean up some mess left either by a fired administrator, or simply one who was on vacation and unreachable. Business owners are both impressed and afraid when you can take apart years of their IT security with an HTC Desire.

The threat of superphones has served me well. As a method of scaring the suits white enough to allow me to implement some real security measures, it’s priceless. So consider this article a thank you to the humble MicroUSB cable – you keep me employed. ®

Intelligent flash storage arrays

More from The Register

next story
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
DEATH by COMMENTS: WordPress XSS vuln is BIGGEST for YEARS
Trio of XSS turns attackers into admins
SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016
Flash WORM has a serious use for archived photos and videos
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?