>“We investigate the anecdotal belief that end users will pick up and plug in USB flash drives they find by completing a controlled experiment in which we drop 297 flash drives on a large university campus. We find that the attack is effective with an estimated success rate of 45–98% and expeditious with the first drive connected in less than six minutes.”
https://cdn.elie.net/publications/users-really-do-plug-in-USB-drives-they-find.pdf
lel
>>54690778
I'd do that as well. See if there's something that might peak my interest, then format it and start using it as it would be mine. lol
>>54690778
I'd plug it in. I'd start up a live Linux distro and see if there's anything on it I can use to identify the owner. If not, then I'd deliver it to lost and found.
>>54690778
I would plug it in as well. If its a shitty Chinese one that just pops open, I might have a look inside it first for shits and giggles before plugging it in.
>>54690778
yes, and? they're college students, they dont have a vested interest in the school's property
most were probably opened on junker school PCs, not their personal drives
Luckily I use Qubes and my USB arbitration VM would be all that'd get infected.
>>54690852
Naughty USB! BadUSB!
>>54690778
Academic papers are the worst. They can take an interesting topic like this one and make it so dull.
>>54691320
Your life makes me feel sad
>>54691294
What the fuck did I just read
Opening it is the best thing to do. Even if you wanted to give it to the owner, there is a huge chance, being in the campus, it contains some signed school work which will lead you to the owner.
>>54690778
>not having a noexec flac when mounting external devices by default
kys
>>54690778
I plug it in to check if the owner has his details on a txt file in there or something, and if not then I take it to the lost and found so he can come pick it up.
>>54691369
how to make nerve gas. You are now on several government watchlists
>>54691350
What? You mean malware? I have disabled autorun in WIndows.
Even though I know the risks, I still would open it too
If I was on college campus I would just open it on a college owned PC
>>54691760
BadUSB doesn't need Autorun to execute. It's in the firmware of the drive.
I'm not even entirely sure if plugging into a *nix machine is safe. I do remember reading that there should be some suspect signs of it in dmesg.
>>54691294
>>54691985
Oh, well. That's just a study, it's not like some 1337 h4x0r is going to strategically place a bad USB stick for me to take.
>>54692034
>24 bit
>>54690778
I could've told you that without throwing 300 flash drives on the ground
>>54692347
What about it?
>>54692312
Sure, they're just going to install BadUSB on the majority of USB sticks being produced in China.
>>54692034
What does this do? Is this cheese pizza?
Ha. I have arch installed and I'd just plug it in as well since I never managed to get usb working anyways.
ROFLOL , failures.
>>54692526
sudo mount /dev/sdx /mnt/usb
>>54692492
Pretty obviously going to be instructions on how to create a handgun, I expect via 3d printing
>>54692034
WTF,how can so much data be stored in one sub 2mb file?
For any of you wondering its a collection of legal pics of some japanese woman which ive seen posted on /s/ and a lot of other places on 4ch
Its alot of softcore shit,like ALOT
pic related,just one of the amazing amount of pics stored in thin thing
>"accidentally" dropped pic related
>Teacher takes it
>Class is dismissed for a semester
>>54693057
That's a nice way to waste thousands of dollars in tuition the students paid
>>54692034
I'm contacting the CIA as we speak
>>54693606
>Living in america
>>54690852
>peak my interest
Not quite
>>54690778
I'd be too curious not to plug it in. I'd most likely just not mount it and instead pass the full block device to my virtual machine then mount it in there.
>>54692970
I didn't see any pics in it, just a gun guide
>>54690852
>peak my interest
kek
>>54692970
>follows instructions a picture he found on /g/ without hesitation
>has archives on his computer he doesn't remember downloading
>uses Windows
Thank you for your contribution. We'll make sure your computing power is put to good use.
>>54694223
Can youz explainz the ish? Dost thou maketh thine computational organ hitherto a bot?
>>54691985
The attack works on any OS because it's the usb controller (pic related) firmware that's the problem. You could flash the usb controller with firmware that detects the OS and downloads the appropriate malware binary for any OS from your c&c server. It works on anything with a usb controller really, so long as you have the time and patience to reverse engineer the manufactures firmware. Modifying firmware for every chip would be a mammoth task but I wouldn't be surprised if NSA has done it already.
>>54692034
does anyone have the one that actually contains the liberator
>>54693469
>the students paid
Daddy, the loaning agency, and the taxpayer, not the student.
>>54697609
Yeah and we should tax the rich more because they have money too right
>>54692034
I did this. Contains the files for the Liberator
plug it into my laptop.
I really don't care if my laptop OS gets borked.
I once found a random USB stick and it had the owners name on it.
I even got a thank you for returning it.
>>54693057
Is there a reliable way to check if a flash drive is a usb-killer? Like a device you can build that has a USB port and it either fries or not?
>>54690778
>45–98%
That's a wide margin
>>54701011
Dont know, but I'm pretty sure just by opening one, you could see whether or not this is a normal flash disk.
>>54690852
>Femanon
>Peak
>>54701504
>implying /g/ knows what a USB pen is supposed to look like
kekkirikek
I'd open it in one of my test machines or someone else's machine. Never my main computers.
>>54693057
Is there some sort of USB surge protector you can get to plug in random USB drives like this without running your ports?
Modded drives are the only real issue, because if I'm running Linux 99.9% of malicious drives aren't going to be targeting my OS.
Before someone says "just dont plug any USB drives in you find", if you find a drive it most likely belongs to someone and viewing the files on it could help you return it, so that's not really a solution either.
>>54691597
Achievement unlocked
Might be nudes on there
Let's be honest everybody who picked one up was thinking that
>>54690778
Is there any issue with dount a casual mount /dev/sdb1 on linux?
Or is this just a windows thing?
>>54702273
>dount a casual mount
que?
why not just mount it as read-only?
>>54691294
What is it about stuff like this that is so intriguing to read?
>>54702383
Because BadUSB doesn't care about how you mount it. You're infected as soon as you plug it in as long as your computer has a USB controller chip and it's powered on
