485
Anon finds a flashdrive
(sh.itjust.works)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 16 Sep 2024
485 points (97.1% liked)
Greentext
3991 readers
1929 users here now
This is a place to share greentexts and witness the confounding life of Anon. If you're new to the Greentext community, think of it as a sort of zoo with Anon as the main attraction.
Be warned:
- Anon is often crazy.
- Anon is often depressed.
- Anon frequently shares thoughts that are immature, offensive, or incomprehensible.
If you find yourself getting angry (or god forbid, agreeing) with something Anon has said, you might be doing it wrong.
founded 11 months ago
MODERATORS
Either brave or stupid plugging in a random flash drive they found on the street.
Just plug it into an air gapped machine with a Linux live environment
How many people have one of those floating around?
Surely lots. There are dramatically more phones on the planet than people.
Average person? Probably not many. But it's also not some expensive, rare, hard to have thing. I have several raspberry pi's that could easily serve the purpose by just not connecting a new image to a network.
Yeah the cheapest way, too bad the rpi 4/5 and future versions make it possible to write to the eeprom. Atleast it sounds like the newer ones have a way to make it write protected via a jumper or something.
Sure, but I mean the chances of someone creating a virus specifically to run when plugged into a pi running pi OS or other Linux os with the purpose of attacking the eeprom, delivered by dropping usb sticks in public is so ridiculously small it has to be functionally non existent.
Could be a USB killer, it'll fry your PC no matter what it's running.
True, you could probably solve that by breaking the casing off first if you're insistent on trying it. They don't look like a normal usb stick on the inside. Also I'd imagine it isn't really feasible to just go dropping them around but maybe you can get them cheap enough somewhere.
Yeah, not sure why you'd piss off random people with that, you'd be much better off doing some kind of ransomware attack.
That's also what I was originally thinking about.
I'd honestly just run it on my Linux laptop with the network disabled. It's old, so if it gets wrecked, I'm really not out much. And the risk of someone bothering to target Linux is incredibly small, so I'm comfortable with the risk.