Helping people with computers... one answer at a time.
When using a portable USB flash drive or disk it's important to understand the risk of infection; you may not be as safe as you think.
I put my USB device in many computers, XP, Vista and Win7 on a daily basis. What are some options to protect it from becoming infected and/or transmitting malware from one computer to another?
With the recent rash of malware that travels by infecting removable devices like USB devices, you're right to be concerned.
There are several approaches, but they depend on just what kind of control you have over the various computers you're using.
By far the best and most effective way to prevent malware from spreading to your USB device is to keep the machines that you connect it to clean and malware-free in the first place.
For machines that you control, that means the standard techniques:
Use a firewall
Keep the operating system and all software up to date
Scan for viruses and spyware regularly
Be alert and practice safe computing (avoid bad sites, attachments, scams and the like).
If there's no malware on the machine, then there's no malware to infect the device you plug into it, simple as that.
If you must connect your USB device to computers that you don't control - for example library computers or other public, school or perhaps even business computers, then you must take additional steps.
Get a USB device that has a "write protect" switch, and ensure that the device cannot be written to when inserted into a computer that you don't control.
Honestly, I tried to think of additional steps or alternatives, but nothing seems even close to practical.
If you insert a non-write-protected USB device into a computer that you can't trust, that USB device immediately becomes untrustworthy itself.
You don't know that the untrusted machine isn't infected, and you don't know that the malware didn't just infect your device.
Now, I suppose you could dedicate a machine of your own, isolated from your local network, that you could bring the device back to in order to plug in. You would allow that machine to run the risk of getting infected. Each time after inserting the USB device into that machine you would completely restore that machine from some kind of image.
But even then, to what point? That didn't make whatever data you're attempting to transfer any safer.
The fundamental problem is that any type of file transfer from a computer you can't completely trust to your own opens up the risk of malware transfer.
At a minimum that isolated machine could run malware checks to at least raise your confidence level that you're not bringing back more than you bargained for.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.