Posted by: Olga Kharif on July 26, 2005
A new security threat is fast emerging; it’s called Pod slurping. What it is: A while back, Abe Usher, whose blog can be found here, wrote a program that allows an iPod digital music player to download more than 20,000 files an hour from any computer it’s connected to.
Usher’s goal was to demonstrate vulnerability of corporate security. He had demonstrated it with gusto, by running the program on his own computer. The program copied all of his PC’s document files onto his iPod in 65 seconds.
What this means: any connected consumer electronics device, such as an iPod, MP3 player, a digital camera or a cell phone could, potentially be used to steal sensitive corporate data.
This problem will only snowball as the iPod and other consumer devices get wireless connectivity capabilities, as they no doubt will. Then, downloading files from the corporate network will be even easier: You won't even have to plug anything into your Wi-Fi-enabled laptop. Your laptop and your iPod will simply exchange files wirelessly.
The danger lies not only in devices downloading information, but also in uploading it. An iPod could, potentially, infect a network with a virus.
So, what's the solution? Usher recommends that companies restrict the use of devices like the iPod, which can store loads of information, within their companies. It's also a measure that consultancy Gartner recommends in a recent report.
Companies also need to store their files on protected corporate networks vs. individual computers, so unauthorized intruders wouldn't be able to access them. Encryption helps, too.
Or, check out some special software from SmartLine Inc., which locks access to USB and FireWire ports, used to connect portable consumer electronics devices to a computer. The software also restricts which users can access a company's Wi-Fi and Bluetooth wireless connections.
It's unclear how much of a threat iPod slurping really is today. I haven't found any information on companies that actually suffered due to iPod slurping; of course, they aren't likely to tell the world of security breaches they'd suffered, either.
Still, as consumer electronics gains wireless capabilities, I can see how iPod slurping could become a major problem.