Two-Thirds of Lost USB Drives Carry Malware 196
itwbennett writes "Antivirus firm Sophos acquired a passel of USB sticks lost by commuters on trains in the Greater Sydney metro area at an auction organized by the Rail Corporation New South Wales. The company analyzed 50 USB sticks and found that not a single one was encrypted and 33 of them were infected with at least one type of malware."
Mac (Score:5, Insightful)
One interesting aspect of the results was that based on their data and formatting seven of the infected storage devices belonged to Mac OS X users or had been extensively used under this OS.
Truecrypt? (Score:3, Insightful)
Encryption (Score:5, Insightful)
The whole point of portable USB sticks is to access your data from strange computers. Plugging an encrypted USB stick into a strange computer completely defeats the point of the encryption. None of my USB sticks are encrypted; they don't need to be because they have no personal information on them.
Re:Truecrypt? (Score:5, Insightful)
There is an exception for the container hidden in an container, but that only offers plausible deniability as the existence of the larger container is obvious.
Conclusions (Score:5, Insightful)
(a) unlikely to encrypt the contents of their memory stick, and
(b) prone to malware infections
I'm not certain that this group is representative of the general population, however.
Re:What do you expect .. (Score:4, Insightful)
.. they were lost by the 10% of commuters stupid enough to lose an USB stick.
Why is this modded troll? Is it unreasonable to assume there might be some correlation between those people who are less careful with possessions and those who are less careful about encryption/malware, etc.? I'm not suggesting that it is impossible for a very careful person to drop something or have it fall through an unknown hole in the pocket, but at the same time, I don't think it is unreasonable to suspect that a population of those who left their USB sticks on the subway aren't necessarily perfectly representative of the population of USB stick users as a whole.
Re:Truecrypt? (Score:4, Insightful)
Re:Sample issues (Score:5, Insightful)
This isn't lost USB sticks - this is USB sticks that were lost and weren't reclaimed long enough to end up in a transit authority auction.
Auctioning these thing seems the height of irresponsibility. I wonder what legal ramifications there are for the Rail Corporation in releasing private information, (even if accidentally lost) to total strangers.
From TFA:
he Sophos researchers found personal information belonging to the former owners of the devices, as well as their families, friends and colleagues. The recovered files included images, documents, source code, audio files, video files, XML files and even AutoCAD drawings.
Re:CityRail = CityFail (Score:4, Insightful)
Re:Very nice of the Rail Corporation to auction th (Score:5, Insightful)
My thoughts exactly.
None of these (256 meg to 8 Gig) were so valuable that their destruction would have been considered a huge waste, and the potential damage to the forgetful owner could be massive. You would think that the LEAST they could do was format them, which itself is far from fool proof. But releasing them intact just seems dumb, even if not illegal.
he Sophos researchers found personal information belonging to the former owners of the devices, as well as their families, friends and colleagues. The recovered files included images, documents, source code, audio files, video files, XML files and even AutoCAD drawings.
Summary... (Score:5, Insightful)
Re:What do you expect .. (Score:3, Insightful)
People who lose stuff are not necessarily more "stupid", but they are definitely more "careless"
And yes, people who care enough to double-check all their possessions lose less than people who don't.
And the people who double-check their possessions are probably also the ones who double-check their virus scanner and/or their encryption.
It has little to do with "stupid". In fact, one of the stereotypes of a careless person is the highly intelligent "absent minded professor"
Re:What do you expect .. (Score:5, Insightful)
Re:What do you expect .. (Score:5, Insightful)
100% of items handed in, have been handed in -- what a surprise! How do they track lost items that were not handed in? This is as accurate as Gracie Allen's telephone poll -- 100% of people she phoned, had a phone.
Re:Conclusions (Score:2, Insightful)
Conclusions you can draw from this study: people who ride transit...
I'm not certain that this group is representative of the general population, however.
You must be American.