Over here, at joatBlog: USB security is a pointer to some information about booktable USB drives....
I'm really in two minds with regards to bootable USB drives, on the one hand they're an immensly useful means of transferrring ever larger quantities of data.
But, from an IT Security point of view they're a danger, both from an information leakage aspect and also, with bootable drives, they present the possibility of someone coming to an enterprise and booting an environment to allow them to attack the network....
Now I know, at this point people will be saying "well they're no different than bootable CD's" as you can get some nice bootable security focused Linux distros (like the one over at Local Area Security, which in the wrong hands could be quite dangerous. However many corporates will deploy desktop PC's without CD drives, however you can't deploy a PC these days without USB ports.
It definately will lead to the point where some companies deicde to disable USB all together, or if possible, only the USB mass storage functionality. When that happens I forsee some ..... interesting.... discussions because as I mentioned, they are very useful devices....
