Always best to scan a USB flash drive before using it.
Did you know Windows Defender could be configured to scan a USB stick automatically the moment it is plugged in? Below are the steps to configure Microsoft Windows to automatically scan a USB drive↓.
Windows Defender is not configured for automatic scanning when the operating system is installed. Not sure why, as malware spreading via USB flash memory is one of the more prolific tech issues of the day. Our only guess is Microsoft giving us free will to make our own decisions, after all, scanning takes time and why not let the user choose when this is done.
This tutorial will take about three minutes to setup. I would suggest read the rest of this article and when done, go back and perform the few steps required to make the Windows Defender scan for USB flash drives.
We are going to make a Group Policy to scan USB flash drives using Windows Defender.
Let us run the Group Policy editor.
Press the Windows Key + R
Type gpedit.msc and press Enter or OK.
Look for the Administrative Templates under the top Computer Configuration directory, expand this directory (folder)
Scroll down to Windows Components, expand it
In that directory scroll down more and look for Windows Defender Antivirus, expand it
Finally, look for the Scan folder and click that folder.
On the right side of the dialogue box you will see additional settings, search for the Scan removable drives and double click that setting
This setting is disabled by default. Please click the radial enable button to enable this setting for your Windows computer.
Click Apply in the bottom right and then click OK.
That is it. Your Windows computer will now automatically scan USB flash drives using Windows Defender.
Alternatively, you can insert a USB stick and right click the drive letter and select Scan with Windows Defender but the problem here, is the USB could have already done it’s virus work before you had a chance to scan for malicious code.
The average user inserts a USB stick into their computer from a trusted source. However, there are companies and situations who receive USB flash drives or USB hard drives and they are not certain if the device is infected.
Globotron is a company based in New Zealand who designed the product. The product is called Armadillo and is an open-source USB firewall.
Some research has shown, as many as 29 different types of USB attacks can happen from plugging in mass storage devices (like USB flash drives and USB hard drives) or also HID devices (human input devices like keyboards and mouse).
The USB stack which is the low level code used in the host computer, is very complex and over time researchers and hackers have discovered ways to compromise a computer system through these vulnerabilities.
The Armadillo is an open-source device which is a firewall between a USB device and computer. The firewall isolates the firmware of the USB device so as not to infect your PC if the device has been infected with malicious firmware. You just need to plug in Armadillo between your computer and the USB device using the provided micro-USB cable. Armadillo is an upgrade over USG, the original or first-generation USB hardware firewall device.
The Armadillo has bot detection. This means if the USB firewall device detects malicious codes are being entered via keyboard or mouse (HID devices) the device will block transmission and a red LED indicator light will turn on.
The Armadillo has the ability to temporarily make your USB read only. This is valuable if the computer is infected and you need pull information (recovery software) from the USB stick and want to insure virus’ do not infect the flash drive. The USB is read-only, but it is read/write when not connected to the Armadillo.
Note: If you need a USB stick that is always write protected at the controller level, yet need to temporarily turn off the write protection for data changes, the Lock License drive from Nexcopy is your solution.
This last point about the Armadillo is a bit strange, but we like it. The body is sealed with glitter epoxy so it is easy to identify if the box itself was tampered with. Very creative!
Fuzzing is a method of testing with automated software which provides invalid, unexpected, and random data as inputs to a computer program. The testing program then monitors for crashes, assertions and potential memory leaks.
A research team based from Purdue University came up with USBFuzz, which pushes enormous amounts of random data through the USB bus of a system. Hui Peng and Mathias payer (from the Swiss Federal Institute of Tech) came up with the idea and program.
Please don’t lose any sleep over the bugs found.
Peng and Mathias found one bug in FreeBSD, three in MacOS (two resulting in an unplanned reboot and one freezing the system), four in Windows 8 and Windows 10 (resulting in Blue Screens of Death) and the vast majority of bugs, in Linux — 18 in total.
Of all these bugs, Windows users do not need to worry, they have been fixed. Of the 18 found in Linux, 16 of them have been corrected already. Those correct where major security flaws.
What we like about the USBFuzz is the underlying theme to improve the security of the USB platform and continued improvement. We also like USBFuzz becoming an open source bit of code that everyone may use to strengthen thier USB product. The team will release a version on GitHub later this year, 2020.
If you are an avid user of USB security dongles, you might know how challenging it may be to get remote access to these devices. To simplify this task, Electronic Team, Inc. has developed a dedicated software solution capable of sharing USB protection dongles over the network.
Donglify is a lightweight desktop application that allows connecting USB hardware keys to remote computers over the Internet and LAN. The software uses the 2048-bit SSL encryption to secure your connections, so you don’t need to worry that your sensitive data will be intercepted or lost.
One of the nicest things about Donglify is that it can redirect one USB dongle to several remote PCs simultaneously. In order to make a USB hardware key available for use on multiple computers, you can just connect the device to your local PC and share it over the network with nothing more than a couple of clicks. This option, currently, works with HASP HL Pro, Sentinel HL Pro, SafeNet eToken 5110, and CodeMeter CmStick security keys.
USB hardware keys of other types can also be shared over the Internet but you’ll be able to access them from one remote machine at a time.
Donglify is available by subscription and comes with a 30-day free trial. When the trial period is over, you can continue using the service for $19.99 a month.
Last year, Google released the Titan security key. It can be used as ultra secure methods for two-factor authentication for some online services over USB-A, NFC, or Bluetooth. Today, Google announced an updated USB-C key to the lineup, which will be available tomorrow from the Google Store for $40.
The new USB-C key appears to have similar functionality to their previous model, all of which are built to the FIDO standard. The USB-C model lacks the NFC capabilities that its other two keys have, but this shouldn’t matter as the USB-C design is meant for you to plug it directly into your portable device, such as phone or ultra-thin laptop. That said, NFC is a bit moot.
Google’s new USB-C key is compatible with Android, Chrome OS, macOS, and Windows devices (Only the Bluetooth key works with iOS, and it requires the installation of Google’s Smart Lock app.) Like its previous keys, Google says the USB-C key’s firmware is permanently sealed into a secure element hardware chip, making the key more resistant to physical attacks.
Google partnered with security key-maker Yubico to manufacture its new USB-C key. Google’s key looks a lot like Yubico’s YubiKey 5C. Both keys are pretty similar, but Yubico’s keys support a few more protocols than Google’s Titan keys do, such as WebAuthn, so they might be the better option for some, depending on what you need.
Google’s other two Titan security keys were previously only available as a $50 bundle, but Google says you’ll be able to buy them individually starting tomorrow. The USB-A / NFC key will cost $25, while the Bluetooth key,
With USB gadgets like this, it’s hare to imagine companies like ADT stay in business for residential customers. This working USB charger includes a miniature camera which acts like a surveillance camera. You can plug any USB gadget into it for charging, all the while record or stream video for what is going on within it’s view.
Use your Android or iPhone you may stream directly to your connected app or stream to a group of people you’ve authorized within the app. The spy camera records 1080p HD footage and will also record that video to the 32GB microSD card (included). Bonus: You can set the surveillance camera to record only when it detects motion.
The camera view is anything directly in front of the plug, so no ability to turn the camera itself, but that is a simple enough problem to solve, just use an outlet that is in-line with the viewing area you want to record.
Here are some noteworthy bullet points about what you will get for the low price of $29USD:
Motion Detection – Can be set to initiate recording only when motion is detected and then send a notification directly to your phone.
Loop Recording – Can be set to automatically record over old footage, allowing for uninterrupted video recording.
Night Mode – Can be set for recording in dim and low light environments.
Multi-Use – Allows for multiple users to connect to the same device (Supports up to 8 users)
Multi-View – Allows for multiple cameras to be connected to the same APP / Software. (Supports up to 8 cameras)
Paul Whelan was sentenced to 16 years in jail for espionage against the United States. As stated in the original post, and IT professional who cannot access “photos” on a flash drive, which was his cover for trading information, is a red flag something was going on.
Update: Feb 3, 2019
“I want to tell the world that I am a victim of political kidnap and ransom,” Whelan said during a press conference in May. “This is retaliation for sanctions.”
“…There are abuses and harassment that I am constantly subject to. There is a case for isolation,” he continued, before listing alleged abuses committed by prison staff.
The former Marine said that he was being subjected to “typical POW Chapter 1 isolation” techniques to run him down and described his imprisonment as the “Salem witch trial mentality.”
According to Reuters, Paul made a direct plea to the President of the United States saying; “Mr president [Trump], we cannot keep America great unless we aggressively protect and defend American citizens wherever they are in the world.” And this is very true.
It’s not every day we see “flash drive” in the headlines in association with espionage. However, it appears American citizen, Paul Whelan, was arrested in Russia for the charge of espionage.
Gathering information from the news surrounding this situation, Mr. Whelan is an ex-Marine who visits Russia. He is a world traveler, a security expert for a US based auto parts supplier [BorgWarner], speaks Russian and uses a Russian social media platform called VKontakte, or VK.
From reports, the arrest happened like this: Whelan met up with a Russian associate who gave him a flash drive. Earlier in the visit, Whelan claims he received digital images from his vacation through his computer, but could not view them on his computer. Because of this, he asked the photos be placed on a flash drive.
Moments after the two met and exchanged the flash drive, the Russian policy arrested Paul and found state secrets on the USB drive.
Whelan claims he knew nothing of the information on the flash drive and was only expecting to see pictures of his vacation. I certainly hope this is the case, and I certainly hope Paul Whelan gets his chance to prove his innocents.
Some back ground information for Paul Whelan includes:
He served 14 years in the US Marine Corps Reserve until he was discharged for bad conduct in 2008.
His discharge was due to being convicted of trying to steal $10,410 in US currency. He was accused of wrongfully using another person’s Social Security number and writing bad checks. Hey, we all do dumb things when we are young.
Playing devil’s advocate, my only concern is a security IT guy not being able to open pictures? Regardless of the picture file format, shouldn’t be that hard. Maybe goes to show you to only use write protected USB sticks when traveling to another country. You never know what could happen.
Anyone in tech has seen the reports and news about USB sticks with a virus ruined a company network or infect computers. Google built a small and affective feature into their latest Chromebooks.
The USBGuard is a feature which blocks interaction between the mass storage device and the Chrome operating system. The OS will give power to the device, but not let data transmit.
The USBGuard blocks this activity when the Chromebook is in locked mode. When the Chromebook is not in lock mode, the USB will interact as expected as a read/write device.
Yubico YubiKey 4 appears to be an excellent device for a two-factor authentication solution. Two factor authentication means you need two things before gaining access. In this case, one piece of information is your password and the other piece is your finger print.
If you are using a password manager right now, (ie. Last Pass, Dashlane, etc) I would recommend getting this. The benefit of this device with a password manager is you can enable two factor authentication to add a new device capable of signing into your account.
This means if someone knows your password, it doesn’t really matter because they would also need your finger print. Understand that nearly all password managers conform to some sort of security protocol like FIDO U2F, smart card (PIV), OpenPGP, etc which in turn works with Yubikey.
Using Windows 10, you can partition a USB flash drive into multiple partitions. The process is not difficult, you simply follow some easy steps. This tutorial will partition the drive so that your device is assigned multiple drive letters when connected to the computer.
This partition process is not done at the USB controller level; or said another way, done at the hardware level. This USB partition process, for a lack of better terms, is done at the software level. What does this mean for you? It means the partitions can be wiped off the drive and full capacity of the USB flash drive can be restored.
When a USB stick is partitioned at the controller level, or at the hardware level, there is no way to reverse the partition. The multi-partition drive is permanent. At the end of this tutorial is the solution for a hardware based partition solution.
So let’s get started.
How to partition a USB flash drive in Windows 10:
Connect the USB flash drive to your Windows 10 machine. Be sure there is nothing valuable on the USB as this process will remove all content from the drive.
Right Click the Windows icon and select Disk Management.
The Disk Management window will appear with all the connected devices. Select your USB flash drive by clicking one time. By selecting your flash drive, it will allow Windows to apply the partition to that device.
With all the gadgets we post about here at GetUSB.info sometimes a word or definition can get twisted on it’s meaning. One of those terms is UDISK. First, please don’t complicate the term into something more than it is. There are two answers to this question.
There is the “slang” term for UDISK and there is the “technical” term for UDISK.
The “slang” term for UDISK
The Asia / Pacific Rim region use the term UDISK to describe a flash drive. This is the most common use of the term “UDISK” for no-technical people. In the United States and Europe people do not use the term UDISK to describe a flash drive, rather the common term of “USB flash drive” or “thumb drive” or “USB key.”
The “technical” term for UDISK
The technical term for UDISK is a bridge chip which is used inside an enclosure to turn a hard drive into an external storage device that connects via USB cable.
For example, in the picture below is a hard drive enclosure which is designed to hold a magnetic hard drive and turn the hard drive into an external storage device. A magnetic hard drive typically has an IDE or SATA connection interface and a UDISK chip is used to bridge the IDE (or) SATA interface to that of USB. This bridge chip (UDISK) changes the hard from from IDE protocol (or SATA protocol) to a USB protocol.
Examine the picture a bit closer and you can clearly see the SATA interface on the PCB. On that same PCB is the UDISK bridge chip which does the protocol translation.
The second image shows the back side of the external hard drive case with the USB cable connected to the enclosure. Using the UDISK bridge chip allows for an IDE or SATA hard drive to be connected to a host computer system via USB cable.
Cypress Semiconductor (now Infineon) makes such a bridge chip, called the FX3.
Conclusion:
UDISK is most commonly used to describe a USB flash drive.
Technically the term UDISK describes a bridge chip used in hard drive enclosures.