Podslurping -> unauthorized dowload


Podslurping (sometimes just called slurping) is the unauthorized download of data from a computer to a small device with storage capacity, such as a Flash drive or an iPod or other MP3 player.

The small size of the devices and the ease of connectivity -- for example through the USB port or a wireless Bluetooth connection -- makes it possible for anyone who can get access to a computer to download files from it quickly and surreptitiously.

To illustrate the ease of podslurping, security expert Abe Usher created a proof of concept application called slurp.exe. Using the program on his iPod, Usher was able to copy all document files from his computer in 65 seconds. Usher now makes a version of his program for security audits that does not actually copy the files but generates a report of the information that could have been stolen in a real attack.

Read more @


Abe Usher explains the importance of physical security in his blog.

IT Manager's Journal explains more about the threat of podslurping.

- Ganesh AM