Obviously, you probably don't want to put your thumb drive in a computer that is very likely to be compromised, nor do you want to be accessing anything too sensitive unless you are pretty sure about the computer.
The basic threats (that I can think of) are viruses, keyloggers, file snarfers (programs that copy the contents of the drive to look for goodies), and corrupters (delete, scramble files). If you are using a writable drive you are susceptible to the first and last. Unless you are using an encrypted section, you are vulnerable to snarfing (and if an on-the-fly decrypted virtual volume is created you are still at risk).
My first drive was a 256 MB Cruzer mini. Unlike the more resent ones I've seen it has a write protect switch (is that becoming less common?) I also have a tiny SD reader, and SD cards are write protectable. I'm assuming that in both cases the write protect is done inside the flash device, and not just left as a suggestion to the OS.
I'm thinking about putting together a handful of security applications--virus scanners and other malware detectors to put on the device. As long as there is no sensitive information and it is write protected, it would be good to use *before* inserting my main drive. My uncertainty and paranoia would dictate what I would run and how much scanning I would do. Any leftover space could be used for non-sensitive documents and applications that pose no risk and have no sensitive associated data.
At a higher level of paranoia I would use a Linux live CD or thumb drive (I'm a die-hard Unix/Linux guy). The only (major) concern would be a hardware keylogger.
It would also be handy to have a *third* device that is writable but empty, just for saving files to. It would have to be scanned before using on a trusted computer.
Other random thoughts:
When I'm accessing a remote Linux box (and if I'm concerned about my private key being snarfed and a keylogger grabbing my password) I might use a one-time password (S/Key).
If I were truly ambitious I could put together a web application that I can safely upload files to. It would use a one-time password or have the ability to write (and possibly read) disabled with the push of a button when I'm finished. Access could be restored with a password (when I'm at a trusted machine).
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
Who here doesn't have an odd old 64mb (did they ever come smaller?) usb key lying around somewhere? I may implement such practices, carrying a usb key that has just protection stuff on it to clean a system before I put my main usb key.
Probably only implement it at internet cafes, friends computers and other systems I didn't setup myself or by folks I know who know. Luckily, there are pretty few spots like that for me, so it wouldn't be that too much a hassle.
Oh, and in truth, I don't think I've ever seen a usb key that had the write protect switch, like I saw on floppy disks or my SD camera cards. Didn't know that some came with them.
"... respect, all good works are not done by only good folk. For here, at the end of all things, we shall do what needs to be done."
Don't be an uberPr∅. They are stinky.
and I used it sometimes but if I remember correctly John said the manufacturers would stop to make them.
“Science is the belief in the ignorance of the experts” - Richard P. Feynman
"What about Love?" - "Overrated. Biochemically no different than eating large quantities of chocolate." - Al Pacino in The Devils Advocate
I have one such key--old CMDrive--(32MB...) with a writeprotect switch albeit difficult to reach
just a passenger on Gaia
just a passenger on Gaia