Disabling 'USB webkey'

I was thinking to myself, I really need to block these things.

Then read your post and realized you are right.

I never open attachments, its the same thing.

I was thinking of finding one of these... (Thanks to vintage computing for archiving such things)

http://www.vintagecomputing.com/wp-content/images/macperipherals/condom_large.jp g

Hi TelJones

I acutally work in producing and selling Digital Marketing Soultions such as USB Web Keys and NFC tags. What you have received is indeed a USB Web Key and I can confirm that the Vendor ID is generic, 05AC is used by all chipsets sent out from one of the manufacturers.

What I can confirm to you is this technology has been around for the last 6 years and is of NO security threat to your computer system. On a Mac, you are required to have Safari in the Dock for it to function, without Safari it will bring up Security Preferences.

As far as my knowledge goes, there is no preventitive method to stop this working as it is, as you have mentioned, a USB Keyboard emulator, opening up Safari and taking the user to a pre-programmed URL. These are great tools for marketing. They hold no storage and have no ability to transfer viruses or cause security attack issues.

If you do have further questions, please feel free to contact me, I'll be happy to assist where I can.

Have a great New Year.

Adam

My wife just give me one of those webkey that she find on the floor at the office! No marking on the key... so you plug the key in a computer... wow this crap open a web page on his own even if all the auto run are disable, on Windows and Mac OS! What a piece a crap this is! I totally disagreed with this kind of marketing! I would never buy from a cie that use such device for marketing... I try to remove Safari from the dock... it started Skype!

Hopefully you guys will go out of business pretty soon!

The problem isn't technological, it's social. You found an unidentified item on the floor of unknown origin, picked it up and inserted it into your computer. It's the equivalent of running an unsigned installer in spite of Gatekeeper's warnings that it cannot be trusted. Or opening an email attachment from someone you don't know. Or scanning an unlabeled QR code and being surprised when your phone sends you to pr0n sites (presumably you object to QR codes as well, since they share much in common with webkeys).

It would also be quite possible to build a PKG installer that wipes your entire computer. I could make one in about 60 seconds. If I email it to you as "Unidentified.pkg", will you just blindly run it because it was there?

The solution isn't to prevent your computer from running any PKG, or to change your email account so it can never receive an attachment, or to disable the camera in your phone.

The failure was with you, and the solution is simple: do not insert USB devices into your computer that you do not recognize or trust. Do not open attachments from people you do not know. Do not scan QR codes that have no identification. Windows users live with this every day because they're always at risk. Macs are more robust, but they are not impenetrable and being a Mac user doesn't mean you shouldn't precede everything else with common sense.

If you really must solve the problem with technology, try this:

http://www.amazon.com/dp/B0054U6O24

followed by this:

http://www.amazon.com/dp/B000LGPD64