Longhorn to block portables - What?!

[Callaway]

http://news.com.com/Longhorn+to+put+squeez...l?tag=nefd.lede

AN FRANCISCO--Windows makes it easy to quickly download files to iPods and other portable storage devices--a little too easy in the minds of many IT managers.

In the next version of Windows, Microsoft will give big companies an easy way to block use of such devices, while making it easier for consumers to connect their home systems to them, a company representative told CNET News.com.

Much has been made of the security risks posed by portable storage devices known as USB keys, or flash drives, music players like the iPod, and other small gadgets that can store vast amounts of data. Some fear that such tiny devices can be used to quickly copy sensitive data off business PC hard drives, or to introduce malicious software onto corporate networks.

"It's a real problem," said Padmanand Warrier, a developer in Microsoft's Windows unit. "That's the feedback we've gotten from IT folks."

To put the new features in place, Microsoft is hoping to move to a common model for how wired and wireless devices connect to a PC in 2006, around the time that it releases the next version of Windows, code-named Longhorn. For consumers, that means that wireless printers, networked music players and other wireless devices should be able to connect to a PC as easily as the USB drives today.

[Glowstick]

Uh, try some brain activity, maybe you get it then!

If you're a company, you can't afford your workers to run into the building, stick an USB keydisk into the computer and copy all sort of data off it. So you'd want an option to turn support for that stuff off. My old employer had every floppy disk drive removed due to this.

Get it now?

--edit: And oh, before you completely loose a load into your pants, it's an administration option, not a remote controlled option intended for every acronym that ends with AA.

[Colin-uk Veteran]

Cool (Y)

[tagerd0g]

Hmm, did you read the article? These tools are for companies only. It won't affect home users.

Besides, would you really want your users to download your company's secret files into their USB keys or iPods?

[lieb39]

Could be helpful for big organisations.. annoying for schools that put this stuff on and then students have to use alternative means to transfer files from school to home.

Ah well, its a long time off.

-lieb39

[tktino]

Omg

[Callaway]

Uh, try some brain activity, maybe you get it then!

If you're a company, you can't afford your workers to run into the building, stick an USB keydisk into the computer and copy all sort of data off it. So you'd want an option to turn support for that stuff off. My old employer had every floppy disk drive removed due to this.

Get it now?

--edit: And oh, before you completely loose a load into your pants, it's an administration option, not a remote controlled option intended for every acronym that ends with AA.

Geee thanks Tom. I was completely worried there for a few moments. Then after reading your wonderful reply and thinking how dreamy your avatar is, I'll sleep much better now. Thanks.

:p

Other solutions, non-disclosure contract? Linux? 100 ft magnets outside the main and rear entrances?

[Glowstick]

HEY, DON'T MESS WITH SUPER-HINDU-MAN!

NDA doesn't work, people are bad at keeping secrets. Linux doesn't work since it supports IO devices of all sort. 100ft magnets don't work, because you need an oscillating field to kill magnetic medias, and 100ft oscillating magnets will likely rip apart the metallic structure of the building, next to creating a blackhole.

[Cyranthus]

bad choice

[Long]

Thats a good move I think. More control of portable media in a workplace.

[Dougeh]

I think its a good Idea, still your never going to stop a corrupt employee giving secret information away. I think its more along the lines of stopping people bringing unapproved applications into the workplace (stopping potential virii / trojans).

Windows XP pre SP1 you could plug anything into a usb port and you wouldn't even need admin privs to install it, caused some problems at my college.

[tktino]

HEY, DON'T MESS WITH SUPER-HINDU-MAN!

NDA doesn't work, people are bad at keeping secrets. Linux doesn't work since it supports IO devices of all sort. 100ft magnets don't work, because you need an oscillating field to kill magnetic medias, and 100ft oscillating magnets will likely rip apart the metallic structure of the building, next to creating a blackhole.

i got half hindu in me. Ill burn you with my killer eyes :laugh:

[Glowstick]

I think its a good Idea, still your never going to stop a corrupt employee giving secret information away.

There is no way you can stop it at all. I can tell you. I've a complete database backup from an old employer lying around somewhere here. How did I get it? I was sys-/netadmin/DBA there. It's dated July 2002 tho, so it's not exactly of use anymore these days, however did their internal mail system run on the database and it was nice to read how they planned to make me jobless.

[Electronic Punk]

Why do we have to wait for longhorn until we can do this?

Tho I guess we can disable usb...

[b3ta]

No biggie - it doesn't mean Longhorn will not support Flash drives and iPods - just that admins will be able to block their access easier. (Y)

[kainashi]

sounds like a great idea to me, just as long as it doesn't get in my way. ;)

[chaicka]

Uh, try some brain activity, maybe you get it then!

If you're a company, you can't afford your workers to run into the building, stick an USB keydisk into the computer and copy all sort of data off it. So you'd want an option to turn support for that stuff off. My old employer had every floppy disk drive removed due to this.

Get it now?

--edit: And oh, before you completely loose a load into your pants, it's an administration option, not a remote controlled option intended for every acronym that ends with AA.

Ya man...

I have worked in corporates (financial sector) that disabled every single device that can read or write to portable medias (floppy drive, CD-ROM, LS120, ZIP, etc).

However, with the new technology of connectivity like USB and Bluetooth, there is simply little means to control what kind of device is allowed to connect and what kind of device to not allowed to connect.

The current only way we can protect corporate data from potential unauthorized leaking out, is to permanently disabling bluetooth. But USB we cannot do so since users may use USB mouse, USB keyboard, or even need to connect to printer via USB. Thus, there is a security loophole that cannot be closed unless there is some way to restrict what gets connected via USB.

[chaicka]

Why do we have to wait for longhorn until we can do this?

Tho I guess we can disable usb...

We can't.

Nowadays, printers and scanners connect oni via USB.

We have special users who require a private printing capability (like GM or Acct or Auditor) due to confidentiality of documents they need to print occasionally, thus cannot print to public pool of network printers.