Autorun is a feature of Windows that has been around since the Windows 95 days. Autorun is one of those features Microsoft “borrowed” from the Mac to make Windows more user-friendly. In case you are not aware of what Autorun actually does, when you insert a CD, or a USB hard drive or flash drive, Windows will perform one of two actions, depending on whether a certain file is present on the CD or drive.
The first option is that Windows will find a file on the drive called autorun.inf. This file contains instructions for Windows to perform when it detects this media has been inserted into the system, such as a program to run. Some of you may already realize why this is a problem, but I’ll get to that in a minute.
The second option is that Windows doesn’t find an autorun.inf file. Windows will then scan the drive and pop up with a dialog box asking you which action you want to take, such as viewing the files, launching Media Player to play music or video files found on the drive, or viewing pictures found as a slideshow.
The first option is a serious security risk. Why? Because with Autorun enabled, Windows will automatically, and without prompting you, launch whatever program is specified in autorun.inf. This program could be a virus, a keylogger, or any number of equally dangerous programs. One recent application of this method is known as podslurping. Podslurping is the simple process of taking an iPod with a specially configured autorun.inf file, and plugging it into an unsuspecting system that has Autorun enabled. The program that is executed automatically searches the drive for files “of interest,” such as Word docs, Excel spreadsheets, and Powerpoint presentations, and copies them to the iPod. It does this silently and quickly, and allows the owner of the iPod (or podslurper?) to walk away with valuable information without attracting much suspicion.
So what can you do to nullify the insidious nature of Autorun? You have a few options. The first, which is a bit too much of a manual process for me, would be to hold down the “shift” key on your keyboard whenever you insert a CD or USB storage device. This would not prevent someone else from podslurping when you are away from your desk, however. The method I prefer is a registry change to disable Autorun for good. Here are the instructions from Annoyances.org:
Windows 2000/XP
- Run the Registry Editor (REGEDIT.EXE).
- Navigate to HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet\Services \Cdrom. - Double-click the Autorun value, and type 0 for its value. (If it’s not there, create it by selecting Edit -> New -> DWORD Value, and typing “Autorun” for its name.)
- You may have to log out and then log back in for this change to take effect.
For other methods of disabling Autorun, and for older operating systems such as Windows 98, go to http://www.annoyances.org/exec
0 Responses to “The dangers of Autorun”