While most virus and security threats stem from the Internet, there is another, seemingly innocuous, carrier of infection. And many of us leave our PCs completely defenceless.
These days, with sophisticated firewalls, antivirus and spyware tools, it can be the PC's USB port that is its weak spot. Is it any wonder? You don't need to be an administrator to install USB or FireWire devices. Almost anyone could plug in a USB thumb drive and expose your PC to potential threats.
If the threat of viruses isn't worrying enough, the thought of someone using your USB port to steal sensitive data certainly will be. And it's a big problem. Microsoft representatives told us of customers who have glued up their staff's PCs' USB ports to prevent such a scenario.
In the wrong hands, storage devices can siphon away valuable cargo faster than the Artful Dodger. And seemingly innocuous iPod music players have been cited as a serious security threat, too.
Known as Podslurping, iPods with their large hard drives, USB 2.0 and FireWire connectivity, can be an ideal tool for file-pilfering. Unconvinced? Head to www.sharp-ideas.net/pod_slurping.php, where security expert Abe Usher has developed a python program to demonstrate how easy it is to lift data. It's sobering stuff.
With XP's casual approach to USB security, it takes a third-party program to install some serious law and order. Smartline's DeviceLock 6.0 can restrict the use of USB, FireWire, Bluetooth and Wi-Fi devices, as well as optical and floppy disc drives. DeviceLock can work in conjunction with the Windows Active Directory, allowing network administrators to apply policies to groups of users, as well as individuals.
There's a free 30-day trial at www.devicelock.com.
SECURE YOUR PORTS WITH DEVICELOCK
1. Download the 30-day trial software of DeviceLock 6.0, log on to your PC as an administrator and install the software, choosing the setup option Service + Consoles. When asked whether you want to set up a DeviceLock certificate, choose to skip for now, as this can be carried out post-installation.
2. During installation you may be prompted for a licence code. Simply click Cancel if you'd prefer to use the 30-day trial period. Once setup is complete, you must decide which devices to allow or restrict access to. For stand-alone systems, the best way to achieve this end is through the DeviceLock Management Console.
3. Open the Device Management Console and, if unselected, click the Show/Hide Tree Console so that you get a split view. From the right-hand pane, double-click DeviceLock Service, select Local Computer and click OK. Trial versions will receive a 30-day trial period reminder. Click to close the prompt box.
4. In the left pane, double-click to expand Smartline DeviceLock and open the DeviceLock Service. Right-click Devices and ensure that the Display Available Devices Only checkbox is ticked. Doing so means that you won't be confronted with a list of options that are not applicable to your computer.
5. Expand the Devices list so that you can see the Permissions and Security setting areas. To change the access privileges for particular classes of device, click on Security Settings. This will display a list of devices and their current status. From here, you can simply right-click to enable or disable the devices.
6. For more selective methods of applying restrictions, click on Permissions. Select the device type from the right-hand pane and double-click to edit it. To alter permissions for several devices at a time, hold down <Shift> or <Ctrl>. The Permissions dialogue box will pop up; from here you can restrict access for individual users or user groups.
TIPS & TRICKS
NO PASSWORD, NO ACCESS
If you don't wish to use a program such as DeviceLock, there are some precautions you should take to reduce the risk of data being siphoned away. The most obvious of those is to use passwords to restrict access to Windows.
Ensuring that the boot sequence is set to Hard Drive in the system BIOS, is another good move, so that CDs and USB keys can't be used to boot into Windows. Password-protect the BIOS so that settings can't be changed back.
And ensure that your computer case is reasonably tamperproof. Direct access to the motherboard could allow jumper-tampering, which resets BIOS settings to their defaults - and removes your password protection.
THE ROOT OF THE PROBLEM Rootkit Revealer is a handy free utility which, as the name suggests, scans for hidden rootkit-based malware buried within Windows. It's pretty effective, too, managing to find most of the nasties hidden out of the reach of some antivirus programs. Suitable for Windows NT4 or later (www.sysinternals.com).
SECURITY IS NOT A FANTASY VMware Player allows programs to run while safely contained in a virtual machine - especially handy for unstable beta software. And the
download includes the useful Firefox Web browser. It does require quite a bit of processing grunt, though, so owners of modestly specified PCs may want to skip it (www.vmware.com).
LOCK IT UP ONLINE Rather than risk losing all your data, Carbonite's Online PCBackup will lock up critical files at a remote backup site. This is also ideal for when you need to access files from multiple locations but cannot transport your PC - just access them online (www.carbonite.com).