Feeds

Superphone system-CRACKING cable of DOOM ... is quite handy

MiniUSBs and common connectors are a sysadmin's best friend

Boost IT visibility and business value

Thumbs up

Android, Windows Mobile, Symbian and RIM are all different. Here you can add “thumb drive” to the list; it was replaced by the humble MicroUSB cable. If your device has Wi-Fi and the administrator of the target network is lax enough to employ WEP or WPA, you own them...

Given the compute power available in modern superphones, cracking and joining said network is trivial. Android is a real threat here; the number of applications for the Linux ecosystem to do exactly this is staggering. With a modest amount of programming skill, cloud services such as Amazon’s EC2 make these sorts of tasks even easier.

For added fun and merriment, you can get USB 10/100 NICs that will – to varying degrees of success – work on many of these devices. Even if security won’t let you into the building with a notebook, the systems administrator has thwarted your removal of data via USB and there is no Wi-Fi to crack, you have a hardwired network node in the palm of your hand.

Phones are a great place to smuggle in MicroSD cards. My keychain has a MicroSD-to-USB reader that folds out of what looks for all the world to be a supermarket loyalty card. Left alone for just a few minutes with a target computer, I can boot it up into the Linux distro of my choice.

Having bypassed the operating system restrictions of the local systems administrator, I now can use one of those readily available MicroUSB cables to turn my phone into a tethered 3G modem. Suddenly I can funnel any information on the local hard drive (or any vulnerable information on the network) out through a VPN over my 3G to wherever I want.

As a systems administrator, this is terrifying. It has helped me though. I have recently found myself called in more than once to clean up some mess left either by a fired administrator, or simply one who was on vacation and unreachable. Business owners are both impressed and afraid when you can take apart years of their IT security with an HTC Desire.

The threat of superphones has served me well. As a method of scaring the suits white enough to allow me to implement some real security measures, it’s priceless. So consider this article a thank you to the humble MicroUSB cable – you keep me employed. ®

The essential guide to IT transformation

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft: Azure isn't ready for biz-critical apps … yet
Microsoft will move its own IT to the cloud to avoid $200m server bill
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
Flash could be CHEAPER than SAS DISK? Come off it, NetApp
Stats analysis reckons we'll hit that point in just three years
Oracle reveals 32-core, 10 BEEELLION-transistor SPARC M7
New chip scales to 1024 cores, 8192 threads 64 TB RAM, at speeds over 3.6GHz
Object storage bods Exablox: RAID is dead, baby. RAID is dead
Bring your own disks to its object appliances
Nimble's latest mutants GORGE themselves on unlucky forerunners
Crossing Sandy Bridges without stopping for breath
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.