Helping people with computers... one answer at a time.
When using a portable USB flash drive or disk it's important to understand the risk of infection; you may not be as safe as you think.
I put my USB device in many computers, XP, Vista and Win7 on a daily basis. What are some options to protect it from becoming infected and/or transmitting malware from one computer to another?
•
With the recent rash of malware that travels by infecting removable devices like USB devices, you're right to be concerned.
There are several approaches, but they depend on just what kind of control you have over the various computers you're using.
•
Internet Safety Begins at Home.
By far the best and most effective way to prevent malware from spreading to your USB device is to keep the machines that you connect it to clean and malware-free in the first place.
For machines that you control, that means the standard techniques:
-
Use a firewall
-
Keep the operating system and all software up to date
-
Scan for viruses and spyware regularly
-
Be alert and practice safe computing (avoid bad sites, attachments, scams and the like).
If there's no malware on the machine, then there's no malware to infect the device you plug into it, simple as that.
Safety On The Road: Can't Touch This
If you must connect your USB device to computers that you don't control - for example library computers or other public, school or perhaps even business computers, then you must take additional steps.
-
Get a USB device that has a "write protect" switch, and ensure that the device cannot be written to when inserted into a computer that you don't control.
Honestly, I tried to think of additional steps or alternatives, but nothing seems even close to practical.
Suspicion Spreads Like A Virus
If you insert a non-write-protected USB device into a computer that you can't trust, that USB device immediately becomes untrustworthy itself.
You don't know that the untrusted machine isn't infected, and you don't know that the malware didn't just infect your device.
Now, I suppose you could dedicate a machine of your own, isolated from your local network, that you could bring the device back to in order to plug in. You would allow that machine to run the risk of getting infected. Each time after inserting the USB device into that machine you would completely restore that machine from some kind of image.
But even then, to what point? That didn't make whatever data you're attempting to transfer any safer.
The fundamental problem is that any type of file transfer from a computer you can't completely trust to your own opens up the risk of malware transfer.
At a minimum that isolated machine could run malware checks to at least raise your confidence level that you're not bringing back more than you bargained for.
Article C4667 - December 2, 2010 « »
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
December 15, 2010 8:26 AM
Just put a SD card into a USB adapter. SD cards all have a lock-out slide on them. The Rosewill adapters can be found at newegg for about $7.00. I use these for my bootable Linux distros too.
We techs plug out devices into heavily infected computers every day. Never any problem.
Also, there is a flash drive made by Kangeroo that has a locking slide on it. You can probably find it at newegg.
Packrat1947
December 15, 2010 9:12 AM
Here's the name of a good lockable drive. Kanguru Flashblu II™
You can see this a Kanguru's website. It is 12 bucks.
PQI also make one, but it is very slow. I own one, but rarely use it. Also, the lock switch is buried in a little hole. I put mine in a milling machine and opened up the plastic. Now I don't need a pencil to access the switch. This was designed by people who never used it in the real world.
Personally, I just use the SD cards in a Rosewill adapter. This adapter is compliant with the 4 gig plus SDHCs. Using this adapter allows SDHC drives to be seen in older computers, so it solves multiple problems. Case in point. Recently, one of my customers returned from a vacation and could not bring up the pictures on their laptop. They thought that everything was deleted somehow. Anyhow, once the SD was plugged into the Rosewill, the pictures were seen, and then copied off.
Packrat1947
December 21, 2010 11:45 AM
I also use Panda USB Vaccine successfully. This can both protect your computer from being infected by a compromised USB device and also "vaccinate" a USB device against infection - double protection.
Also, "USB device" is not just a flash drive. I know of a case where a computer was infected by an infected digital camera.
22-Dec-2010
December 28, 2010 9:53 AM
Use USB Vaccine from Panda ( http://www.pandasecurity.com/homeusers/downloads/usbvaccine/ ), it creates an untouchable 'autorun.inf' file on your usb device, that viruses can't modify it to spread their infection. It works wonderfully!
January 11, 2011 11:49 AM
Even though this article is about prevention, there are some precautionary measures one can take when in doubt:
Press and hold the 'Shift' key when inserting a USB device. This will prevent the autorun feature even if it isn't already disabled via group policy and Registry Editor or other software.
And instead of double clicking / right clicking your way into the device in 'Computer', type the path (for eg. "G:\") without the quotes in the address bar and press enter. And if you are comfortable with Windows, you can manually delete suspicious files like autorun.inf, *.exe, *.scr, *.vbs etc. if present in the device and you are sure it shouldn't be there. To be thorough you may also want to enable the "Show Hidden Files" option and disable the "Hide file extensions" and "Hide protected OS files" options under the "Folder Options".