Helping people with computers... one answer at a time.
Write protected USB and other devices will prevent certain types of malicious behaviour, but they will not keep you safe at a public computer.
I came across a USB flash drive with a write-protect switch on a website and placed an order. How does write protect in a flash drive work anyway? Does this not solve the problem of spyware on public computers, especially if you could run Roboform and portable Firefox off the flash drive? However because I have not yet received the thumb drive, I tried running portable Firefox off my hard disk with the folder's attributes changed to read only, and it doesn't seem to work.
•
No, it won't keep you safe. Not at all.
I'll explain just what that "write protect" means, why it's useful, and why it still doesn't help you at public computers at all.
•
Write Protect
To be honest, I'm surprised that more USB devices don't have this switch.
The concept is very simple: if the switch is set you are prevented from writing ANY data to the device; not one bit.
Typically, this works at the hardware level - the switch actually disables the electronic circuitry that is used to perform writes. Without that circuitry working you simply cannot write data to the device - you can only read.
When Write Protect Protects
If you cannot write to the device then you know, beyond a shadow of a doubt, that it cannot be tampered with. What that means is that it cannot be infected with a virus, for example.
That's a good thing.
It also means that if some software you're running from the device saves settings or somehow updates its own status on files kept on the device, it cannot make those changes or updates.
That could be a good thing - you know your application settings are never tampered with, and anything it might normally keep like history cannot be updated on the device. It could also be a bad thing - the application may fail to run at all.
Typically, what you want to look for when choosing applications to run from a read-only USB drive are "portable" applications which do not require installation, and even then, portable applications that do not require the ability to write or save data. Some may call that out as a feature, others you may have to experiment with.
What Write Protect Doesn't Protect
If the public machine you're using has malware on it - say a key, screen or activity logger - your read-only device doesn't protect you at all. If you login to some service, even using your USB key as the source of your login information, it can still be captured.
Your account can still be stolen.
Since you had to enter that information somehow, i.e. it had to pass through this un-trusted public computer, you've made it visible and available to any and all malware that's installed on that machine.
Write protected or not.
You may not walk away with malware on your device, but it doesn't matter. You may have already given your information to malware on the public computer you used.
Don't.
Just ... don't.
Public computers simply cannot be trusted. Period.
Article C4481 - October 7, 2010
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
SD cards are safe. We technicians plug our SD devices into heavily infected computers daily, and no one has ever reported anything jumping aboard. I do have PQI stick, but don’t use it because it is dreadfully slow. Stay away.
We do check into technician related websites all the time, and if anything infected a SD, it would be all over our news.
What I use is a Rosewill USB/SD converter. These are available for about 6 dollars at newegg. These are SDHC aware too.
Packrat1947
Posted by: Ron Nosack at October 12, 2010 8:45 PMNone of these comments -- absolutely none of them -- addresses the central problem, which is that in order to log on to any service using a public computer, you somehow have to send your login information into that service via the public computer. Like... "Duh!"
<Shakes head sadly...>
Posted by: Glenn P. at October 12, 2010 10:37 PMTo Glenn P.:
You seem to (accidentally or deliberately) miss the comment about using a DVD with your own, safe, operating system.
That does bring up other issues, I do admit - like whether you would be allowed to do it in the first place, and how to get onto the internet if you did - but it would protect you from software on the public PC because you wouldn't be running any of it...
14-Oct-2010
Posted by: Bob at October 13, 2010 12:59 AM
Hardware key-loggers ...I just checked out a web site that actually markets them and gives advice on how to install surreptitiously ....not nice.
Posted by: johnpro2 at October 14, 2010 3:45 AMAlso the BIOS can be compromised with firmware key-loggers as well apparently, although possibly much rarer.
In spite of the Pharaohs' of Egypt best efforts, grave robbers still found ways in to rob the pyramids. Nothing much has changed in 5000 years it would seem.
I downloaded .pdf and Xcel catalogues to client's computers from a USB memory stick.
Posted by: Mick at December 7, 2010 8:57 AMWhen I got home after visiting about 8 clients, my stick was infected.
Feel like a Typhoid Mary or an AIDS lover. Keeping a VERY low profile now.
To get the required protection for me and my clients I will have to step outside the box and switch to CD's so I know I am safe. Damn!