Autorun is VERY bad
Rodolfo Alcazar Portillo
nospaze at gmail.com
Tue Feb 8 14:36:32 UTC 2011
On Mon, 2011-02-07 at 10:21 -0800, kellyremo wrote:
> How to disable autorun? Are there any hidden autorun features on a
> standard Fedora install??
> http://securitytube.net/USB-Autorun-attacks-against-Linux-at-Shmoocon-2011-video.aspx
FUD: "Lots of code executes when a new mass storage device is connected"
Fact: Lots of code executes when a new mass storage device is connected,
before, after and even when the device is not connected. And no file
from a USB is executed by a kernel or root process. Not even any owned
by a user process -although explicitly programmed-.
Some drivers are executed, of course. That's equivalent to say that some
kernel processes are executed when a USB is plugged. Executing kernel
code is completely different from automatically running an executable
file located on the USB -which precisely windows autorun does-.
Now, any vulnerable or buggy kernel code has nothing to do with autorun.
That's like comparing midgets and oranges.
:)
----------------------------------------------
Rodolfo Alcazar Portillo - nospaze at gmail.com
otbits.blogspot.com / counter.li.org: #367962
----------------------------------------------
"Der Computer hilft uns, Probleme zu lösen, die wir ohne ihn gar nicht
hätten." - Unbekannter Autor
More information about the users
mailing list