So the world of computer security once again gets flipped on its ear.
There you are at your workstation. You need to get a coffee or take a bathroom break, and as per company policy you “lock” your computer (Mac or PC) so that it requires your password to get back in and return to where you were.
How can this be?
PoisonTap is the latest creation of Samy Kamkar, the tech behind a series of hacking devices and technologies that are super cheap and easy to implement. He provides this information in a white-hat capacity, to show what is possible and then to educate. He has since released the code and the specifications so that engineers and developers can learn from the vulnerability.
Kamkar was interviewed by Ars Technica (a leading online news outlet) and said: “The primary motivation is to demonstrate that even on a password-protected computer running off of a WPA2 Wi-Fi, your system and network can still be attacked quickly and easily. Existing non-HTTPS website credentials can be stolen, and, in fact, cookies from HTTPS sites that did not properly set the ‘secure’ flag on the cookie can also be siphoned.”
What this means is that this attack gets at your browsers behind your password, without needing your password, because of the level of security the browsers use to store information. Macs are more vulnerable in that their browser integration is more significant than on PCs, so closing your browser BEFORE you lock your computer is more effective against this type of attack.
Kamkar explains further: “Once the device is inserted in a locked Mac or PC (Kamkar said he hasn’t tested PoisonTap on a Linux machine), it surreptitiously poisons the browser cache with malicious code that lives on well after the tool is removed. That makes the hack ideal for infecting computers while they are only briefly unattended.”
Obviously this type of attack requires a short and quick physical connection and wouldn’t apply to home environments, but in large corporate spaces, public shared workplaces or public hotspots, this can be an extremely critical vulnerability.
The best way to defend against this type of hack in a public space, other than to take your computer with you, is to shut it down completely before you leave, even for a short break. Make sure your password is as complex as you can handle, and prior to locking or leaving your computer unattended, shut down all browsers and apps so nothing is running in the background.
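For anyone who runs a website, the Kamkar quote above points at a check worth doing on your own site: cookies set without the ‘secure’ flag. The script below is an added example, not part of PoisonTap or of Kamkar's released code; the function names and the sample Set-Cookie lines are made up for illustration.

```python
# Added example: audit Set-Cookie values for a missing Secure attribute.
# The header lines in SAMPLE_HEADERS are constructed, not captured traffic.


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (cookie name, set of attribute names)."""
    parts = header_value.split(";")
    # The first segment is always name=value; anything after it is an attribute.
    name = parts[0].split("=", 1)[0].strip()
    # Attribute names are case-insensitive; only the text before '=' is the name.
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p.strip()}
    return name, attrs


def cookies_missing_secure(set_cookie_values):
    """Return the names of cookies a browser would also send over plain HTTP."""
    exposed = []
    for value in set_cookie_values:
        name, attrs = parse_set_cookie(value)
        if "secure" not in attrs:
            exposed.append(name)
    return exposed


SAMPLE_HEADERS = [  # constructed values from a hypothetical HTTPS site
    "session=abc123; Path=/; HttpOnly",        # no Secure flag: exposed
    "auth=def456; Path=/; Secure; HttpOnly",   # properly flagged
    "prefs=secure; Path=/",                    # a value of 'secure' is not the flag
    "csrf=xyz; path=/; SECURE; SameSite=Lax",  # the flag is case-insensitive
    "secure=1; Max-Age=3600",                  # a cookie named 'secure', no flag
]

if __name__ == "__main__":
    for cookie_name in cookies_missing_secure(SAMPLE_HEADERS):
        print(f"cookie {cookie_name!r} lacks Secure and can be sent over HTTP")
```

Any cookie it reports should be reissued with the Secure attribute so the browser only sends it over HTTPS.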
As always, if you have any questions or want to have a double-check of your own processes, contact us at Fixmycomputernow.com.