A NEW DEVICE made from a Raspberry Pi Zero makes it possible to break into a computer and steal data in under one minute.
Samy Kamkar, the ethical hacker who designed the device, claimed that it is so effective that the only real solution is to fill your USB ports with cement.
The PoisonTap costs just £4 to build, but when plugged in via a USB port can emulate an internet connection, tricking the host into passing information including log-in passwords and credit card details if inappropriately logged.
All it needs is for the browser to have been left running when the computer is locked, and the lock can be completely bypassed. And given that many browsers, such as Chrome, continue to run in the background even after the windows have been closed, it takes a conscious effort to combat it.
The PoisonTap targets cookies, sending them to the servers of the hacker, who can then use them to log-on to social media sites, email accounts and anything else with a username and password.
The device screams 'spy film', given that it can be inserted into a locked computer, used to bleed it dry and then removed in under a minute.
It is also capable of installing back doors to give hackers a permanent residence.
Kamkar designed the PoisonTap as a proof-of-concept, but it nevertheless reveals the phenomenal vulnerability of laptops, especially when physical access is available.
The PoisonTap effectively rules out using Sleep mode in Windows, although Hibernate would scupper it as connections are stopped.
The only other options would be to power down the computer completely, or ensure that all processes relating to browsers are shut down in Task Manager before you pop off to Pret A Manger. Or there’s the cement thing, of course.
We think we prefer the Vortex Manipulator idea, to be honest. µ
Another fine mesh
But, er, it'll be available in pink
GeForce Now is the winter of our gaming content