Poison Tap – How $5 can hack your password locked computer.


So the world of computer security once again gets flipped on its ear.

There you are at your workstation, you need to go get a coffee or have a bathroom break and as per company policy you “lock” your computer (mac or pc) so that it requires your password to get back in and take you back to where you were.

Upon your return you find that your computer is still locked but as your get back to your work, you find small things different in your browsing experience. Nothing major at first but over the next few days you find that you suspect somebody remotely using your computer or accessing your password protected assets (banking, websites etc). What’s happened?

The new threat is the ease of which somebody now can walk by your station, insert a small usb device that hacks your pc and inserts hijack software into your computer. A few minutes later, after the usb device has been removed, you are still hacked and are still at the mercy of the hacker.

How can this be?

PoisonTap is the latest creation of Samy Kamkar, the tech behind a series of hacking devices and technologies that are super cheap and easy to implement. He provides this information in a whitehat capacity to show what is possible and then educate. He has since released the code and the specifications so that engineers and developers can learn from the vulnerability.

Kamkar was interview by ARS Technica ( a leading online news outlet) and said ” The primary motivation is to demonstrate that even on a password-protected computer running off of a WPA2 Wi-Fi, your system and network can still be attacked quickly and easily. Existing non-HTTPS website credentials can be stolen, and, in fact, cookies from HTTPS sites that did not properly set the ‘secure’ flag on the cookie can also be siphoned. ”

What this means is that this system hacks your browsers behind your password without needing your password due to the level of security the browsers use to store information. Macs are more vulnerable in that their browsing integration is more significant than on PCs whereby closing your browser BEFORE you lock your computer is more effective against this type of attack.

Kamkar explains further: ” Once the device is inserted in a locked Mac or PC (Kamkar said he hasn’t tested PoisonTap on a Linux machine), it surreptitiously poisons the browser cache with malicious code that lives on well after the tool is removed. That makes the hack ideal for infecting computers while they are only briefly unattended. ”

Obviously this type of attack requires a short and quick physical connection and wouldn’t apply to home environments but in large corporate spaces, public shared work places or public hotspots, this can be an extremely critical vulnerability.

The best way to defend against this type of hack in a public space, other than to take  your computer with you, is to shut it down completely before you leave even for a short break. Make sure your password is as complex as you can handle and prior to locking or leaving your computer unattended, shut down all browsers and apps so nothing is running in the background.

As always, if you have any questions or want to have a double-check of your own processes, contact us at Fixmycomputernow.com.

Original article: http://arstechnica.com/security/2016/11/meet-poisontap-the-5-tool-that-ransacks-password-protected-computers/

Advertisements
This entry was posted in News Release, Reboot Articles, Uncategorized and tagged , , , , , , , , , , , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s