Security is or should be a concern to everyone. Although the information I am sharing here isn’t exactly new, I figured it might be good to point out, since the Switchblade / U3 platform is gaining momentum in the wild it’s important to educate the user.

Switchblade is a suite of applications that will automatically execute from any USB thumb drive and lift a systems password hashes, Internet account log-ons, browser history, product keys, instant messenger log-ins and more. The shell is completely customizable. It requires windows 2000 or better as well as the user to have administrative rights. To use simply plug the drive into the computer wait a few seconds and remove. When you get home open the drive and browse to the folder where the files were saved and view them and run a hash breaker like Ophcrack with Rainbow tables.

The weakness with Windows LM hashes is widely known but this tool makes it so ridiculously easy for anyone to use and compromise a machine it’s scary.  What can you do?    How do you protect yourself?

There are several things….

1. Disable Autorun / Autoplay (Use the shift key)
2. Use Least Privilege Use for applications and user accounts
3. Log out when leaving a machine
4. Use applications like DeviceWall or use Group Policy
5. Disable USB ports
6. Educate users on USB dangers.
7. Use long passwords 15 charecters or more (likephrasesstrungtogether)
8. Don’t save you’re internet accounts to you’re machine

Switchblade info may be found Here – DeviceWall Here – Antidote Info Here -

There is even a variant of Switchblade called Hacksaw which actually is a proof of concept USB thumbdrive worm that self propogates itself to other drives inserted and sends information via SMTP . See Here -

If this article raises the hair on you’re neck, then it did it’s job. You can readily Google switchblade and find more detailed information on protecting yourself.