this post was submitted on 09 Oct 2024
211 points (97.3% liked)

Technology

59427 readers
4177 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] cmnybo@discuss.tchncs.de 59 points 1 month ago (14 children)

It seems like they could be rendered ineffective by simply disabling auto run and forcing removable drives to mount noexec.

[–] Majestic@lemmy.ml 3 points 1 month ago (3 children)

Well it’s believed it entices users to click the malware to run by disguising itself as the last accessed folder with the same name and folder icon.

In that case having the option to always show extensions enabled would be helpful for trained users who care to be careful.

It’s not that interesting sounding given we know the NSA and eyes countries have developed compromised firmware for certain hard drives to enable true spread without interaction or hope of prevention. Whenever I see one of these I wonder if it’ll be a case of compromising the device itself but it’s this old stuff instead which can be defeated with a good security posture.

[–] cmnybo@discuss.tchncs.de 3 points 1 month ago

When the drive is mounted noexec it's not possible to run any programs on it. You can also mount any user writable directories noexec so they can't copy the program somewhere else and run it.

load more comments (2 replies)
load more comments (12 replies)