Warning: The Director of IT Services has determined that vaping is dangerous to your privacy.
I wager that the executive has been reminded of the security training he signed off on which indicates he’s aware he’s not allowed to plug any non-company equipment into his computer’s USB ports. This would be why.
True, but at pretty much every company I’ve been at, the IT policy documents are pretty much a huge joke. No personal use of the internet, at all? Maybe 1% of employees obey that. Everyone else understands that it’s something that the lawyers say has to be signed but that really means “don’t surf the net for personal reasons during work hours to the extent that you don’t get your work done. Get your work done. Thanks!”
There’s a Playboy joke or cartoon in there somewhere…
Is there a link, Johnny?
Yes, in the OP.
Until now, that is.
Sorry, thanks!
I wonder if this was using the “BadUSB” exploit that was revealed at the recent Blackhat conference?.
My wife vapes, but I’m fairly sure she only uses various 5 volt USB chargers rather than plugging anything into her desktop USB port.
Interesting. I had never extended the trend of using USB ports as power sockets to potential malware access. It’s really obvious in hindsight, and even users aware of IT policy restrictions wouldn’t necessarily think twice about plugging in a coffee warmer, fan, reading light, etc.
Damn.
I’m somewhat skeptical. The sole source of this article is a poster on Reddit. When asked for details, the poster said, “it was just a story” (cite). I didn’t read the whole Reddit thread, because trying to follow conversations on Reddit makes my eyes bleed, but I don’t see that the poster ever explained how they determined that the malware came from the device. And IT asking an exec at a big company if “anything changed in your life recently” as part of a malware response seems unlikely to me.
The Guardian quoted a guy from TrendMicro who said malware infecting a machine from any USB device is possible. Well, sure it is. But there’s no proof that actually happened here.
For the sake of science, I shoved a lit cigarette in the USB port of my company laptop. It, too, must have installed malware, as the USB port no longer works.
[QUOTE=Bayard;17928390The Guardian quoted a guy from TrendMicro who said malware infecting a machine from any USB device is possible. Well, sure it is. But there’s no proof that actually happened here.[/QUOTE]
Do you concede that a USB memory device could load malware onto a system? Using, say, a valid-looking popup menu to provide user authorization if needed?
Since the core of an active USB device can be the size of a lentil, embedding such in a nominally passive device and coding it to use surreptitious techniques to infect the system is hardly the stuff of fantasy.
The perfect such device for such guerrilla infection would be a USB cable.
I should think a flash drive, although one would have some caution plugging in a flash drive and little or none with a charging cable.
Do you think it could be cancer?
Like I said, sure it’s possible. I’m a computer forensic investigator. I’ve investigated lots of malware infections. Malware can spread by USB.
But the sole source of this story is some guy on Reddit who admitted it was just a story. So I doubt that malware spreading via e-cig chargers is something we need to lose a lot of sleep over.
That’s the point here, I think - embedding an active and possibly malicious component in devices that present themselves as being passive (chargers, or cables). Most users plugging in a flash drive will be more alert to strange things happening, will probably run a scan on the drive, etc.
No question. I am disturbed by the concept, though.
Yes, but when the hot chick from Mossad gives the Iranian guy who works at the uranium enrichment site a flash drive with pictures of her on it, that sucker will be plugged in at work. 
One can’t be sure that he will charge his e-cig on a work PC.
Now, put it in aUSB condom, and we might have a guarantee.