Submitted via IRC for TheMightyBuzzard
National Audio Co. is the only company in the U.S. that produces cassette tape. Now, as cassette tapes enjoy a resurgence in popularity, National Audio has less than a year's supply left of the stuff, The Wall Street Journal reports.
For the last 15 years, National Audio's co-owner and president Steve Stepp has been clinging to his company's dwindling supply of music-quality magnetic tape. In 2014, National Audio's South Korean supplier stopped making the material, so Stepp bought out their remaining stock before they shuttered — and has been left with a shrinking stockpile ever since.
Although the demand for tape has increased in recent years, the quality and supply has not; National Audio has long relied on outdated gear that Stepp jokes is "the finest equipment the 1960s has to offer." That's why the company — which makes cassettes for everyone from indie bands to Metallica — is planning to build the U.S.'s first high-grade tape manufacturing line in decades.
Crap! Where am I going to store my TRS-80 programs now?
Source: https://theweek.com/speedreads/735269/america-running-cassette-tape
(Score: 2) by Grishnakh on Tuesday November 14 2017, @01:57AM (3 children)
This is patently false.
You connect a malicious USB device, it reports itself as a HID class device and bam, Linux and basically any other desktop operating system accepts input from it, treating it as equivalent to input from a "real" keyboard and mouse or whatever else.
Yeah, so what? That isn't going to root a machine unless you somehow know the root password so you can simulate Alt-F1, root, password, commands to do something....
USB is a problem on Windows because of Autorun: you pop in a drive, and Autorun.exe starts running, no questions asked. Linux doesn't do this.
Then whatever user accounts are logged in at the console are pwned.
This is just dumb. You don't know what's going on when the device is plugged in. If it's not at a terminal window, and instead the cursor is at a SoylentNews input box like I'm using now, you'll just get a weird comment on your SN account.
Or if an attacker just wants to cause damage, it's not too hard to make a fake device that, say, massively overvolts the data lines, likely frying at least the USB PHY and any nearby components on the board you connect it to.
This doesn't compromise your data, it's just an annoyance. And good luck fitting that kind of circuitry into a thumb drive that's barely bigger than the USB port.
This is really just a bunch of scare-mongering.
(Score: 0) by Anonymous Coward on Tuesday November 14 2017, @03:45AM
You're lacking in both technical competence and imagination.
(Score: 2) by Pino P on Tuesday November 14 2017, @05:20AM
You don't need to gain administrative access to a PC's operating system to do serious damage. As Randall Munroe pointed out in this infographic [xkcd.com]:
For example, ransomware just needs to encrypt ~ (the logged-in user's profile), not / (the entire file system).
(Score: 0) by Anonymous Coward on Tuesday November 14 2017, @09:57AM
So the device registers as USB hub with a storage and a keyboard attached. You're not surprised about the storage; that's what you expected anyway. The "keyboard" starts a script located on the storage device. The script installs some malware on your account. The next time you use your password (for example, to unlock your screen), the malware catches it. Since today's Linux systems are typically set up with sudo instead of root password (how that is supposed to be more secure on single user systems still evades me), and usually the user has just one account used for both admin stuff (thus having sudo enabled) and general stuff (thus it will be the account that is open when inserting the stick). Thus once the user-local malware has the user password, on the majority of current personal Linux installations it owns root.