This is why you don't borrow other peoples flash drive

Page 5 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.

davmat787

Diamond Member
Nov 30, 2010
5,512
24
76
This might seem obvious, but if you are ever unsure of what is on a USB thumb drive, or any removable media for that matter, you should disable autorun prior to mounting the drive. In Vista, and I believe Win7, you can hold the SHIFT key down to disable autorun for that instance. If you want to disable autorun for good, the autorun wikipedia page will get you started in the right direction.
 

alkemyst

No Lifer
Feb 13, 2001
83,769
19
81
This might seem obvious, but if you are ever unsure of what is on a USB thumb drive, or any removable media for that matter, you should disable autorun prior to mounting the drive. In Vista, and I believe Win7, you can hold the SHIFT key down to disable autorun for that instance. If you want to disable autorun for good, the autorun wikipedia page will get you started in the right direction.

not going to help you on boot up.
 

davmat787

Diamond Member
Nov 30, 2010
5,512
24
76
not going to help you on boot up.

No kidding, the BIOS hasn't even handed it off to the windows bootloader yet if booting with the USB drive in. Windows isn't even in play yet so of course Windows Autorun stuff would not apply. Still, you can't stress enough that you shouldn't have a thumb drive with unknown contents plugged in from a cold boot.
 

mvbighead

Diamond Member
Apr 20, 2009
3,793
1
81
First, I don't randomly boot from my own usb drives before checking them in a booted OS first. Hell there could be drivers or a BIOS updater on there that I forgot about. It's stupid to *assume* a USB drive is EVER safe from a security stance. With flash drives you either A) know everything that's on them at all times and never loan them out to others or B) assume no flash drive is safe and check it prior to having it in at boot. I prefer the second option.

Secondly, I'm the one that handles all of her tech stuff like laptop at home. All files are stored on a centralized WHS machine that is backed up (and has a copy stored on a HD in the storage unit that I backup critical files to every month or so). So because of this she doesn't have anything on her laptop that would be lost from it. Oh, and her laptop isn't set to boot from usb devices in the BIOS for this reason as well. I change all PC's of mine to boot from HD first and disable all other options once it's up and running. It takes an extra 45 seconds to change it if I need to reformat in the future, and saves me hassles from booting from USB/CD/DVD drives when I forget something bootable is connected to the system.

Finally, it's not intentionally "destructive" where malice is involved. If I had known she was going to leave the flash drive in at boot, then I would have warned her to make sure to not have it in at boot because it might have other stuff on it (since I know that I have used those drives for that in the past). I made the mistake of assuming she was using it on already booted systems to transfer files between them, which wouldn't have mattered if I had a bootable part of the drive or not.



Very true I'm sure, but not for the reasons listed in this thread.



Perhaps you skipped reading the thread, but I acknowledged that it was my mistake for letting her borrow it without checking it knowing that I have had unattended slipstreams on flash drives in the past. However, I had to leave for work (she asked last minute) and I didn't honestly think, "hey what if she has the flash drive in the system at boot on her work system where the IT dept allows bootable usb drives?"

Ya know, I can buy not knowing what you have on every USB drive you have. But for me, I have several, and I know which one is DOS bootable (for BIOS flashes, RAID card firmware updates, etc.), and which one is just a bunch of random crap.

Giving anyone your unattended installation media is pure fail. At least with my bootable stick, it only goes to a DOS prompt... that's it. You can bet your ass if I created media such as what you have, I would know exactly which usb drive it was, and know not to lend it out for anything other than the purpose I had for that drive.
 

Veliko

Diamond Member
Feb 16, 2011
3,597
127
106
Ya know, I can buy not knowing what you have on every USB drive you have. But for me, I have several, and I know which one is DOS bootable (for BIOS flashes, RAID card firmware updates, etc.), and which one is just a bunch of random crap.

Giving anyone your unattended installation media is pure fail. At least with my bootable stick, it only goes to a DOS prompt... that's it. You can bet your ass if I created media such as what you have, I would know exactly which usb drive it was, and know not to lend it out for anything other than the purpose I had for that drive.

I bet you have your underpants labelled as well so you know which day to wear the special blue ones.
 

Rifter

Lifer
Oct 9, 1999
11,522
751
126
I would say its all of your faults

1. The company IT department for not locking down there systems, allowing USB boot on workstations is like retarded, there IT department must suck real bad and i cant see it employing someone who actually passed a A+ cert let alone employing anyone with a computer degree. This is like first week security here and im actually surprised there are IT departments out there that dont catch crap like this. MASSIVE security risk here.

2. Yours for giving the drive and not informing her what was on it.

3. Hers for not being smart enough not to boot the comp with the unknown USB stick already in it.
 

mvbighead

Diamond Member
Apr 20, 2009
3,793
1
81
No it doesn't, unless it's a knife and a small child.
Replace USB drive with knife, and GF with small child, and laptop with body part, and you might have a case for the OP being responsible in some way.

But flash drive + adult human + laptop? No.

Are you kidding here?

We're not talking about death. We're not talking about hurting kids. We're talking about 'puters.

Would you hand a novice the media the OP did and just claim whoopsies when the novice rebooted with the media still in the system?

Your scenario vs my scenario:
knife : usb drive with unattended install
baby : novice
body part : computer

Somewhat similar in setup, the only difference is that one is likely to cause death or serious physical injury, the other is likely to likely to cause data loss and a waste of someone's time.

I damn sure would not hand a loaded gun to a person who has not used guns, and I would also not do what the OP did. As someone who has known about the use of guns for quite some time, the first thing you learn is act as if the gun is loaded at all times. Never hand someone a loaded gun without making damn good and sure they are aware that it is loaded.

In the OP's case, if he has the capacity to create an unattended installation media, he should also have the capacity to check it and inform others he intends to loan it to. While it was not his intent to hand out the loaded gun, if he created it, he should "unload" it when he is done using it. At the very least, he should have put it away somewhere for future use if needed. You don't put something like that back with all the misc. other devices you have for the reasons discovered by the OP.
 

mvbighead

Diamond Member
Apr 20, 2009
3,793
1
81
I bet you have your underpants labelled as well so you know which day to wear the special blue ones.

You are completely deluded.

I could give two shits about what underwear I wear on a given day. But, being someone who is technical, you can damn sure bet I would know what USB drive has an unattended installation sitting on it.
 

mvbighead

Diamond Member
Apr 20, 2009
3,793
1
81
I would say its all of your faults

1. The company IT department for not locking down there systems, allowing USB boot on workstations is like retarded, there IT department must suck real bad and i cant see it employing someone who actually passed a A+ cert let alone employing anyone with a computer degree. This is like first week security here and im actually surprised there are IT departments out there that dont catch crap like this. MASSIVE security risk here.

2. Yours for giving the drive and not informing her what was on it.

3. Hers for not being smart enough not to boot the comp with the unknown USB stick already in it.

The only part I don't buy is MASSIVE security risk here. If you have MASSIVELY important data on a laptop or desktop in your environment, you've already screwed the pooch.

No one backs up workstations or laptops. So when the disk fails, your efforts to secure this machine with a BIOS password won't have anything to do with data loss at that standpoint. You don't expect users to go around formatting systems. And do you really think the helpdesk folks give two shits about having to re-image a system? They do it ALL THE TIME. Hell, some staffs do a quarterly re-image.

Point being, re-imaging a work system is a piece of cake in 90+% of scenarios. Had the OP's GF done that to her mother's computer... entirely different scenario.

Blame starts with the OP as he started the whole process. His GF violated company policy (most likely) by using an unauthorized external medium. And while the IT department lacked BIOS security, the only thing it really affects is a workstations that can be re-imaged (most likely) in a matter of an hour or two.

The only further point I can make is the idea of an end-user bringing in a hammer and smashing the shit out of the laptop. At that point, do you dock their laptop for them in a steel vault, and lock it and hold the key until they are ready to leave? Not if you have more important things to do.
 
Last edited:

ch33zw1z

Lifer
Nov 4, 2004
38,157
18,649
146
Perhaps you skipped reading the thread, but I acknowledged that it was my mistake for letting her borrow it without checking it knowing that I have had unattended slipstreams on flash drives in the past. However, I had to leave for work (she asked last minute) and I didn't honestly think, "hey what if she has the flash drive in the system at boot on her work system where the IT dept allows bootable usb drives?"

I would consider this == lesson learned

You hardly remember the things you did right, but you'll always remember the things you did wrong.
 

ch33zw1z

Lifer
Nov 4, 2004
38,157
18,649
146
I bet you have your underpants labelled as well so you know which day to wear the special blue ones.

Now you're just trollin'. If you can't even tell somebody what's on a flash drive before handing it over to them, then you should stop supporting people. That much is not even debatable, and directly related to the topic at hand.
 

Rifter

Lifer
Oct 9, 1999
11,522
751
126
The only part I don't buy is MASSIVE security risk here. If you have MASSIVELY important data on a laptop or desktop in your environment, you've already screwed the pooch.

No one backs up workstations or laptops. So when the disk fails, your efforts to secure this machine with a BIOS password won't have anything to do with data loss at that standpoint. You don't expect users to go around formatting systems. And do you really think the helpdesk folks give two shits about having to re-image a system? They do it ALL THE TIME. Hell, some staffs do a quarterly re-image.

Point being, re-imaging a work system is a piece of cake in 90+% of scenarios. Had the OP's GF done that to her mother's computer... entirely different scenario.

Blame starts with the OP as he started the whole process. His GF violated company policy (most likely) by using an unauthorized external medium. And while the IT department lacked BIOS security, the only thing it really affects is a workstations that can be re-imaged (most likely) in a matter of an hour or two.

The only further point I can make is the idea of an end-user bringing in a hammer and smashing the shit out of the laptop. At that point, do you dock their laptop for them in a steel vault, and lock it and hold the key until they are ready to leave? Not if you have more important things to do.

Im not saying its not a easy fix. It is. But being able to grab a USB thumb drive stick it into a computer boot to(insert OS of choice here) and download any files you want off the workstation without needing any kind of network/user login info is a security risk. I realize that all sensative data should be stored on a central server and you can encrypt the hard drive but this is not always the case, and whatever project the workstation user is currently working on is sometimes on that workstations hard drive as well as a central server.
 

CZroe

Lifer
Jun 24, 2001
24,195
857
126
Anyone that has neferious plots to load a new os from a bootable flash drive or optical media is going to know enough to check the boot order in the BIOS.

Aparantly, you forgot about boot sector viruses that spread via bootable floppies. The user wouldn't know about EITHER the floppy boot order or the potential for a virus. Many didn't even know they were bootable. I remember calling Acer tech support shortly after I got my first PC ~1995 because I thought it was broken when it stopped booting and said "Disk Boot Failure: Insert system disk and press any key" (what is says when it encounters a non-bootable floppy or HDD in the boot order).
 
Last edited:

CZroe

Lifer
Jun 24, 2001
24,195
857
126
LOL. BIOS batteries fail all the time. In such failure, they lose passwords and reset to default. Further, there is no way to really manage the BIOS centrally. Someone making $10-$15 an hour in a helpdesk position most likely won't be the perfect employee you seem to be thinking of.

All those things said, the majority of the fault lies with the OP due to loaning a no prompt installer boot device. There is a reason why such things are a bad idea... the OP's GF found that out the hard way.

Most corporate notebooks do not have CMOS batteries or have the password stored in EEPROM. It's not a new thing and it's not only corporate systems. My Intel D850GB (the original i850 Pentium 4 motherboard) from over 10 years ago didn't even have one.
 
Last edited:

Veliko

Diamond Member
Feb 16, 2011
3,597
127
106
Now you're just trollin'. If you can't even tell somebody what's on a flash drive before handing it over to them, then you should stop supporting people. That much is not even debatable, and directly related to the topic at hand.

No it is not trolling to suggest that labelling the contents of your USB thumbdrives is an utterly inane thing to do. I have a few thumbdrives and other than one particular one which has a bootable install of W7 on it the contents of them are unremarkable. There is no need for me to know what the contents of them are, nor to check them before letting someone borrow one.
 

Veliko

Diamond Member
Feb 16, 2011
3,597
127
106
You are completely deluded.

I could give two shits about what underwear I wear on a given day. But, being someone who is technical, you can damn sure bet I would know what USB drive has an unattended installation sitting on it.

Being technical has nothing to do it - it doesn't render you immune to forgetting things.
 

ch33zw1z

Lifer
Nov 4, 2004
38,157
18,649
146
No it is not trolling to suggest that labelling the contents of your USB thumbdrives is an utterly inane thing to do. I have a few thumbdrives and other than one particular one which has a bootable install of W7 on it the contents of them are unremarkable. There is no need for me to know what the contents of them are, nor to check them before letting someone borrow one.

So you labeled the bootable install of Win7 or just remember which one it is...great! You comments are no longer effectual, since you do the same thing you're arguing against.

Spin how you like, not knowing what's on your flash drives leaves you with nobody to blame but yourself when you wipe out someone's OS or data, regardless of your intentions.

You are trolling. Comparing OCD underwear antics to knowing what's on your flash drive is just that....trolling. Move along.
 

mvbighead

Diamond Member
Apr 20, 2009
3,793
1
81
Being technical has nothing to do it - it doesn't render you immune to forgetting things.

Being technical has EVERYTHING to do with it. As a technical person, I tend to know if I have a device I don't want anyone getting their hands on. I especially don't want to hand said device off to a non-technical user without letting them first know what it is.

As a technical person, I expect non-technical people to do exactly what you tell them not to do. It doesn't matter how many times you tell a non-technical person not to do something, at some point, they are going to do it. For this very reason, you do not hand them an unattended installation medium.
 

mvbighead

Diamond Member
Apr 20, 2009
3,793
1
81
No it is not trolling to suggest that labelling the contents of your USB thumbdrives is an utterly inane thing to do. I have a few thumbdrives and other than one particular one which has a bootable install of W7 on it the contents of them are unremarkable. There is no need for me to know what the contents of them are, nor to check them before letting someone borrow one.

Like ch33zw1z says...

buaaahahaaahahaaahaah.

You troll, you are arguing against the very simple thing that you do.
 

Veliko

Diamond Member
Feb 16, 2011
3,597
127
106
So you labeled the bootable install of Win7 or just remember which one it is...great! You comments are no longer effectual, since you do the same thing you're arguing against.

Er no. The fact that I currently know which thumbdrive the install is on is not a permanent and indelible memory - it is something that could easily be forgotten.

Spin how you like, not knowing what's on your flash drives leaves you with nobody to blame but yourself when you wipe out someone's OS or data, regardless of your intentions.

In the OPs case the blame lies with the IT department for not doing their job.

You are trolling. Comparing OCD underwear antics to knowing what's on your flash drive is just that....trolling. Move along.

If someone goes to the bother of labelling the contents of their USB thumbdrives then they can be ranked among the duller members of society.
 

ch33zw1z

Lifer
Nov 4, 2004
38,157
18,649
146
Er no. The fact that I currently know which thumbdrive the install is on is not a permanent and indelible memory - it is something that could easily be forgotten.

But you know which one it is. The fact you may forget is your fault, no one elses.

In the OPs case the blame lies with the IT department for not doing their job.

In the OPs case, HE effectively hosed his GF's lappy. You're nitpicking, I will agree (like before)the IT department shoulders some of the blame

If someone goes to the bother of labelling the contents of their USB thumbdrives then they can be ranked among the duller members of society.

Who gives a fuck? Not everyone's goal in life is to be some super exciting awesome dude.
 

Veliko

Diamond Member
Feb 16, 2011
3,597
127
106
Being technical has EVERYTHING to do with it. As a technical person, I tend to know if I have a device I don't want anyone getting their hands on. I especially don't want to hand said device off to a non-technical user without letting them first know what it is.

As a technical person, I expect non-technical people to do exactly what you tell them not to do. It doesn't matter how many times you tell a non-technical person not to do something, at some point, they are going to do it. For this very reason, you do not hand them an unattended installation medium.

He didn't realise he handed them an unattended installation medium, he thought he was just handing out a thumbdrive with generic contents on it.

If I created a drive that I had no intention of giving to someone else because of what was on it I wouldn't bother labelling it simply because I wouldn't see any reason to. I would bung it in a drawer and just leave it until I needed it. That I might forget what is on it is just, well, shit happens.
 

Veliko

Diamond Member
Feb 16, 2011
3,597
127
106
But you know which one it is. The fact you may forget is your fault, no one elses.

Yes, if I forget it is my fault that I forgot. That doesn't mean any and all consequences that may arise indirectly as a result of me being infallible are my fault though.

In the OPs case, HE effectively hosed his GF's lappy. You're nitpicking, I will agree (like before)the IT department shoulders some of the blame

I am not nitpicking, I am responding to the situation. The IT department shoulders practically the whole blame.

Who gives a fuck? Not everyone's goal in life is to be some super exciting awesome dude.

I give a fuck when said dullard starts lambasting me for not labelling and catalogueing my personal thumbdrives.