Quick Study

By Brian Robinson

Blog archive

To USB or not to USB

Those little USB thumb drives are very helpful little critters for transporting data easily between one computer and another, you have to admit. However, they are also very useful for introducing malware into a system.

That was that the reason the Pentagon banned their use in November 2008, declaring that “Memory sticks, thumb drives and camera flash memory cards have given the adversary the capability to exploit our poor personal practices and have provided an avenue of attack ... malicious software (malware) programmed to embed itself in memory devices has entered our systems.”

Now, it seems, USB devices are OK. US Strategic Command has lifted its ban on their use. Not necessarily because they think they are safe to use, but because it doesn’t have the support to enforce that kind of ban indefinitely, according to this Wired report.

(InsideDefense.com first reported the story, but to read it online requires a subscription).

But here’s the thing. They are still dangerous things to use. A recent report said that certain Federal Information Processing Standard-certified USB drives actually had flaws that could allow unauthorized access to encrypted data, and then we get news that the South Korean military is planning to ban USB drives because of recent Chinese hacking attacks.

I can understand maintaining a ban, but saying that you can’t police it very well. At least you are sending the message that they are not safe to use. But knowing they’re not safe and lifting the ban anyway – what message does that send?

Posted by Brian Robinson on Feb 19, 2010 at 12:19 PM


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.