What can be stolen with a flash drive?

Post Reply New Topic

I got careless and left my laptop alone for a minute with a co-worker who is, basically, evil. She's the type of person who goes through life getting what she wants through manipulation and sabotage, and she wears a flash drive around her neck. The only thing open on my computer at the time was my connection to the internet. No other programs were open. Would she have been able to download my Word files even though the program as not open?

Word would not need to be open for her to steal copies of your files. If your computer was logged in as you she could simply have gone into Windows Explorer and stolen any of your Word documents or other documents you have on the computer.

NEVER let other people use your computer - NEVER. She could have stolen any kind of info, especially if she's the evil b***h that you say she is.

Anything can be put onto a flash drive pending size

Any files on your computer could be accessed w/o the program they are related to being open, unless your laptop is password protected - and even then, to a fair number of people, that would not be a complete deterrent.


M.

The only thing that could save you is to password protect your Word documents (which saves them encrypted); though this is not always foolproof - there are various techniques to either brute force or hack into the documents depending on the version of Word. Were your Word documents password protected?

Even if you logged out of the computer, if someone else has admin privileges they can get copies of your documents anyway.

If you left someone with full access to your computer for a few minutes with a fast flash drive they could potentially take copies of everything on your computer - and even worse install key loggers or other trojans so they could monitor everything you type or view - it depends on how nasty the person is and also how technically skilled they are.

I keep all manner of sensitive documents on my computer - from personal data to banking info to some customer data. However, I use TrueCrypt and all such documents are stored within an encrypted drive. The most sensitive documents are further encrypted within this drive! So even if my computer was stolen there would be very little chance of anyone getting any useful data from it.

hmm...yeah, she could do a search on .doc (or .docx if it's 2007), and get all your word files copied. The question is; how much time did she have, and how good is she? If she's an average person, I doubt she'd go to that much trouble.

Your Internet settings include a history of where you go. Depending on your company, these are deleted immediately; after a while (most of them), or never. You can pull that up fairly quickly, if someone else gets on while you're logged on.

Also, your computer (if networked) reports where you've gone on the Intranet (internal Internet), and this can be monitored in real-time. However, unless she has admin rights, I doubt you have that much to worry...from her.

Treat your computer at work as a billboard. Anything you do on it is the property of your employer, not you (this has been affirmed in legal cases). The best way not to worry is to have nothing on your computer to worry about...

And, as many others have mentioned, you shouldn't let her on the computer in the first place. Most companies have policies about that. Most companies have password-protected screen savers that you are required to set as soon as you get up from your desk.

Look out for yourself; no one else will.

Flash drive or not... if you had internet access, anyone could have shifted all kinds of stuff to another location.

I had that problem once. A co-worker went on my server and stole a MS Office 2007 license as well as a copy of Symantec Endpoint and put it on a 4gb FD.

However since I now use Open-source software I gladly make disks of open-source stuff fore people. Haven't had a problem since.

NEVER let anyone access your computer unless under a restricted-access account (and avoid that, if you can). Learn to use the security features available on your OS.

If you're on a Windows system, learn to hit "Windows-L" (lock) key sequence before you walk away from your 'puter. And set the security options to prevent simultaneous logins.

If the miscreant asks for unrestricted access, deny it. Raise a stink with Personnel if you have to...

At my workplace, there is an expectation that employees will roam. Everyone is permitted to use every PC - and all users are warned.

We have secure and backed up home drive that we provide to employees. They can't get to another employee's home drive. Anything stored on C: drive however, is fair game.

Thank you all for your helpful information. To give you an update, I think the Evil One has struck again. This time, though, it wasn't my computer. The common computer we use at the non-profit contains a database that three or four of us (not the Evil One) have been compiling over the past several months - detailed info requiring hours of data entry. Thursday the Evil One was using the computer, and inserted her flash drive for some task. The next person to use the computer got some strange error message and couldn't get the program to work. The next day I turned on the computer and got the Blue Screen of Death. Coincidence? I think not.

Maybe she had a virus or trojan on her flash drive and has infected the computer in a way that has crippled it?

You did have a backup of your database I hope? It should simply be a matter of putting it on a different computer and no data lost.

If the 'Evil One' is not in a supervisory position, bring it up to the managers of the non-profit, and explain exactly what has happened. --You may perhaps be rewarded with the 'Evil One's' termination of employment.

+1

Too much of a coincidence.

My rule is "When in doubt, lock it out." I had a laptop with Win98 that has a security feature in the BIOS. By pressing 2 keys at the same time, the system would blacken the screen and "lock out" until you entered the user or admin password. XP, Vista, Win7, etc. lets you easily assign a user password to any account, so you can go to START, LOG OFF, and SWITCH USER and it leaves you logged in but kicks you out to the login screen. So long as no accounts are not password protected, that's sufficient to stop the 'Evil One' from messing with your computer (unless she's really a computer genius).

I didn't worry about this in law school, and I came back to class to see that someone messed with the settings on my laptop. Considering we had an honor code, I was bothered that someone would even prank like that. From that day forward, I used the security feature the laptop came with to prevent further pranks...or worse.

Someone out there needs to invent a locking device that fits over ports so a flashdrive cannot be used until the person with the physical key removes the device. Then you could leave your computer on for a moment while you visit the washroom and not worry that someone will rape it while you aren't watching.