… a drop used for the clandestine exchange of intelligence information…
This is one definition of a ‘dead drop’, and one’s mind automatically switches to images of John le Carré’s George Smiley and other famous spy characters, fictional or real, who secretly exchange sensitive information.
The German artist Aram Bartholl however, has set up the project ‘Dead Drop’ in New York City with an alternative use in mind.
In a recent blog posting he describes his project thus:
‘Dead Drops’ is an anonymous, offline, peer to peer file-sharing network in public space. I am ‘injecting’ USB flash drives into walls, buildings and curbs accessable to anybody in public space. You are invited to go to these places (so far 5 in NYC) to drop or find files on a dead drop. Plug your laptop to a wall, house or pole to share your favorite files and data.
According to his blog, the feedback has been overwhelming, and he has created a separate web site, which even has instructions for those who want to set up the dead drop system in their own city/neighborhood.
But hang on a second…
What do we know about inserting USB devices into a computer? It is one of the most popular propagation vectors for malware, and USB devices were for example used for spreading the infamous Stuxnet worm, as well as lots of other worms, viruses, trojans and spyware.
The ‘Dead Drop project’ encourages connecting an USB device, which content is totally unknown (and changes all the time), to your computer.
My guess is that it is just a question of time (and not much) before these USB devices are infected with malware – by someone’s badwill or unknowingly. Secure computing behavior doesn’t comply with connecting your computer to any unsecure USB device.
I have no idea about Bartholl’s motivation for initiating this project – it may have been for fun only for all I know. Nevertheless, anyone using the devices put themselves at substantial risk.
Don’t use ‘Dead Drop’ USB devices or other unsecure USB devices! http://manage.norman.com/images/general_pictures/illustrations/dead_drop.jpg/en?size=preview – on Norman’s security blog
Related Posts
- Osama bin Laden dead – so watch for the spams and scams
Google's top-trending Anglophone search term right now is, understandably, "osama bin laden dead". Google officially describes its hotness (you couldn't make this stuff up) as volcanic.The short versi... - Crum is not (yet) dead, long live Morphex
Have you ever heard about the Morphex PE32 Loader? You are certainly not alone. Even the mighty “Uncle Google” can’t find the proper results:
all quiet on the Google front
But … it definitely ... - IPv4 is Not Dead
If you consult the Internet Assigned Numbers Authority (IANA) IPv4 assignment page you will notice that there are no remaining “UNALLOCATED” blocks in IPv4. This comes as part of the chain... - Adobe Reader X stops malicious PDF spam campaign dead in its tracks
A new malicious spam campaign underlines the security benefits of upgrading to the latest version of Adobe Reader - Adobe Reader X.
SophosLabs are currently seeing reports of a low-level attack, spamm... - Like Francisco Franco, Internet Kill Switch is Still Dead
Sometimes a really bad idea can live on, no matter how thoroughly it's rejected. Such is the case with the "Internet kill switch" idea featured on and off in proposed homeland security legis... - @EvilFingers and @DaKahuna2007: Is the IDS Dead?
We had presented a video at DojoCon 2010 and its video is out here. I thought of embedding it here for people who wish to view them. Shyaam Sundhar, @EvilFingers and John Fulmer, @DaKahuna2007 Is the... - Return from the Dead: Waledac/Storm Botnet Back on the Rise
The e-mail spam panorama is definitely showing an interesting trend lately. If you follow the news you may have noticed that a drop in e-mail spam activity was reported in the last couple of months; ... - Spam Volume Drop on Christmas Day
The monthly State of Spam & Phishing report has been tracking the decline of overall spam in recent months. The chart below shows the global spam volume dropping significantly since August.
An e... - Sudden spam drop leaves experts baffled
Spam volumes appear to have dropped to averages last seen in 2008 after an expected surge in bogus email over the Christmas period failed to materialise.
Full story: Network World on Security... - Spam Volumes Drop After Spamit Shakeup
The last few weeks has seen quite a shakeup in the spamming world. Our Spam Volume Index, which records relative movements in spam volume sent to a bundle of domains we monitor, has recorded a subst...
Posted on 22 November 2010. Tags: dead, Drop, resurrected
