Back

@alcinnz @kevin @ajroach42 I remember trading floppy disks by mail, just barely, but there's definitely nostalgia in that.
That said, USB drives strike me as a scary way to do that, security-wise.

@marcink @alcinnz @kevin

And floppy disks weren't scary?

@ajroach42 @alcinnz @kevin Depends on the phase, back in msx times I felt very safe with those. :)
The way I remember it, things got scary with PCs, then less scary as floppy disk boot sectors became less important and antiviral software proliferated. Then scary again in cd times when MS thought autoexec was a great idea.

@marcink @alcinnz @kevin Aside from the idea of an exploding USB drive or something that shorts out your USB ports (yes, these attacks have been proven to work. No these things aren't common concerns for most people) what concerns do you have w/r/t flash drives that don't apply to floppy disks or CD-Rs?

@marcink @alcinnz @kevin I mean, yes, they can mount a HIDs and do dangerous things that way.

USB can hide a multitude of sins.

But what's your threat model look like if you're considering that?

@ajroach42 @alcinnz @kevin Exactly that, USB drives are active components and they have been used as opportunistic malware/botnet distribution channels. As for the threat model: to me it's like with Yankee Doodle in early pc times, noone was targeting anyone around me directly with that thing, but there was a time it was everywhere. Except when my pc is connected the potential for damage is higher.