Do you think your computer is safe after locking it? The answer is simple and straight “no”. It is still at risk of being hijacked, which is possible in less than a minute. The new project by Samy Kamkar is proving to be a headache for the security of many computers. PoisonTap can be purchased for $ 5 and can be easily connected to the USB port of the computer to hijack it.
When connected to the USB port of the computer, it is detected by the computer not as USB device but as Ethernet interface. To avoid the loss of battery the computer happily sends DHPC request and looks out for IP to be assigned. PoisonTap immediately responds as a faux wired connection. It doesn’t offer many IPs from the server but as LAN (Local Area Network). Hence, the computer accepts the fake IP from PoisonTap and accepts it.
This device sends data caches of millions of websites listed in Alexa rankings. So, within a minute your entire system is prone to malicious contents. The entire process is so short that even you leave your computer out there for a glass of water, will be hijacked soon. It can happen even if your computer is locked. The USB port is vulnerable and can be saved from being hijacked by sealing it with concrete.
A grave concern for the security and privacy of the computer as it can be breached in less than a minute. Only proper deep sleep encryption which shuts down any network access can help your computer. The best part is to keep your computer near you and not to leave it unattended. According to Microsoft, the computer software should always be kept updated.
This new project has opened many questions in the mind of security experts and they are pondering on various ideas to counteract PoisonTap. No matter how advanced technology becomes some lapses are always left out. Beware! next time you leave your computer unattended, it might be hijacked.