Pod slurping

From Wikipedia, the free encyclopedia

Pod slurping is the act of using a portable data storage device such as an iPod digital audio player to illicitly download large quantities of confidential data by directly plugging it into a computer where the data is held, and which may be on the inside of a firewall. As these storage devices become smaller and their storage capacity becomes greater, they are becoming an increasing security risk to companies and government agencies. Access is gained while the computer is unattended.

There has been some work in the development of fixes to the problem, including a number of third-party security products that allow companies to set security policies related to USB device use, and features within operating systems that allow IT administrators or users to disable the USB port altogether. Unix-based or Unix-like systems can easily prevent users from mounting storage devices, and Microsoft has released instructions for preventing users from installing USB mass storage devices on its operating systems. [1]

Additional measures include physical obstruction of the USB ports, with measures ranging from the simple filling of ports with epoxy resin to commercial solutions which deposit a lockable plug into the port.

[edit] See also

• Data theft
• Bluesnarfing
• Sneakernet

[edit] External links

The external links in this article may not follow Wikipedia's content policies or guidelines. Please improve this article by removing excessive or inappropriate external links.

• How To: Simple Podslurping Script
• Podslurping and Bluesnarfing – The latest IT threats
• Summary of Podslurping
• Podslurping and related risks
• Pod Slurping - an easy technique for stealing data
• Pod Slurping or Podslurping
• Early description of pod slurping activity