circlean usb key sanitizer
play

CIRCLean - USB key sanitizer Some bash, some python, a RaspberryPi, - PowerPoint PPT Presentation

Sep 28, 2022 •411 likes •569 views

CIRCLean - USB key sanitizer Some bash, some python, a RaspberryPi, and a lot of glue. TLP:WHITE info@circl.lu July 7, 2015 Context An USB key is a blackbox We all use USB keys Antiviruses wont detect more than 60% of common

  1. CIRCLean - USB key sanitizer Some bash, some python, a RaspberryPi, and a lot of glue. TLP:WHITE info@circl.lu July 7, 2015

  2. Context • An USB key is a blackbox • We all use USB keys • Antiviruses won’t detect more than 60% of common malwares ◦ Without talking of targeted attacks • We need a simple tool 2 of 14

  3. 3 of 14

  4. Usage • A journalist receiving documents on a USB key • A Student working on a computer at school/university • Within the family, to exchange pictures • In a business trip, at a conference, to exchange documents 4 of 14

  5. Advantages • Dedicated and air-gaped computer • Portable • Run on an off-the-shelf device • ... and an off-the-shelf Operating system (Raspbian Jessie) • Cheap 5 of 14

  6. What does it do? • Rename Windows executables • Cross-check MIME types with current extension of the file • Convert office documents to PDF/A and then to HTML • Convert PDFs to PDF/A and then to HTML • Extract the archives and process the content • Rename the autorun.inf on the source key 6 of 14

  7. Technical decisions • (Almost) no changes on the source key • Source key and OS mounted as RO during processing • Processing as user • Bare operating system • Processing based on the MIME types 7 of 14

  8. Challenges • CIRCLean is a bunch of scripts... • ... with a will OS • ... many dependencies • ... and that has to work on Raspberry B, B+ and 2. • Has to cover a lot of different cases (files systemes, file formats...) • ... and all the faillures modes. 8 of 14

  9. Implementation • Most recent version of Rasbpian (support all versions of rPi) • 7z to extract archives • GhostScript for converting PDF to PDF/A • Libreoffice / unoconv to convert *office to PDF/A • pdf2htmlex to convert PDF/A to HTML 9 of 14

  10. PyCIRCLean • Reimplementation of the project as a Python module (2.7 and 3*) • Usable on a desktop • Two existing processing scripts (generic and simple copy) • Helpers to make it simple (log, copy, rename...) • Implement your own tool 50 lignes of code to copy a predefined list of • extensions 10 of 14

  11. Main issues • Automatically generate images, with your own scripts? • Automated testing on realistic virtual environments (and not just rPi B) • Unit tests on known files • Error handling (key full, crash during a conversion...) • We need more users 11 of 14

  12. Future • Desktop for offices • LEDs to give a visual feedback to the user • Automated tests • Support of more files formats • Web Interface • Postfix plugin 12 of 14

  13. Source code • Open source (BSD) ◦ Scripts to build an image: ◦ https://github.com/CIRCL/Circlean ◦ Python module (2.7 and 3*) installable where ever you want: ◦ https://github.com/CIRCL/PyCirclean • Tutorial ◦ http://circl.lu/projects/CIRCLean/ 13 of 14

  14. Contact • raphael.vinot@circl.lu • https://www.circl.lu/ • OpenPGP fingerprint: 8647 F5A7 FFD3 50AE 38B6 E22F 32E4 E1C1 33B3 792F • Found suspicious documents? Don’t hesitate to contact CIRCL. 14 of 14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A smart watch with alcohol-based sanitizer gel dual purpose unit that can flip from watch to

A smart watch with alcohol-based sanitizer gel dual purpose unit that can flip from watch to

A smart watch with alcohol-based sanitizer gel dual purpose unit that can flip from watch to roll on sanitizer gel. watch + sanitizer gel watch + sanitizer gel SANITIZER GEL WATCH ROLLER 70 x 50 x 18 MM watch + sanitizer gel 28 x 210 MM

112 views • 8 slides
FuZZan: Efficient Sanitizer Metadata Design for Fuzzing Yuseok Jeon 1 , WookHyun Han 2 , Nathan

FuZZan: Efficient Sanitizer Metadata Design for Fuzzing Yuseok Jeon 1 , WookHyun Han 2 , Nathan

FuZZan: Efficient Sanitizer Metadata Design for Fuzzing Yuseok Jeon 1 , WookHyun Han 2 , Nathan Burow 1 , Mathias Payer 1 3 1 2 3 Sanitizer: Debug Policy Violations Observe actual execution and flag incorrect behavior E.g., detect

470 views • 23 slides
Digital Hand Sanitizer Kiosks Preparing your business for the new normal. TABLE OF CONTENTS

Digital Hand Sanitizer Kiosks Preparing your business for the new normal. TABLE OF CONTENTS

Digital Hand Sanitizer Kiosks Preparing your business for the new normal. TABLE OF CONTENTS MAIN TOPICS About Us Product Features Gallery Pricing Stay Connected ABOUT US WHO? WHAT? Signitizer is the newest division of Hart

288 views • 7 slides
The Type Sanitizer: Free Yourself from -fno-strict-aliasing Hal Finkel Argonne National

The Type Sanitizer: Free Yourself from -fno-strict-aliasing Hal Finkel Argonne National

The Type Sanitizer: Free Yourself from -fno-strict-aliasing Hal Finkel Argonne National Laboratory 2017 LLVM Developers' Meeting An Example $ cat /tmp/clever.c #include <stdio.h> #include <math.h> float i_am_clever(unsigned int

262 views • 22 slides
ParmeSan: Sanitizer-guided Greybox Fuzzing USENIX 2020 *some pages borrowed from Zheyu Ma

ParmeSan: Sanitizer-guided Greybox Fuzzing USENIX 2020 *some pages borrowed from Zheyu Ma

ParmeSan: Sanitizer-guided Greybox Fuzzing USENIX 2020 *some pages borrowed from Zheyu Ma background What is fuzzing: feed random inputs to trigger as many crashes and hangs as possible What is state-of-the-art of fuzzing research:

494 views • 18 slides
blue b presents the first integrated uv-steam sanitizer for wrestling and athletic mats Herpes

blue b presents the first integrated uv-steam sanitizer for wrestling and athletic mats Herpes

blue b presents the first integrated uv-steam sanitizer for wrestling and athletic mats Herpes Ring Worm 2-3 weeks 3-4 weeks Impetigo Staphylococcal 1 week 1 week this makes wrestlers 16x more likely than other athletes to get skin

498 views • 14 slides
Laplace Sanitizer Claire McKay Bowen Postdoctoral Researcher, Los Alamos National Laboratory

Laplace Sanitizer Claire McKay Bowen Postdoctoral Researcher, Los Alamos National Laboratory

DataCamp Data Privacy and Anonymization in R DATA PRIVACY AND ANONYMIZATION IN R Laplace Sanitizer Claire McKay Bowen Postdoctoral Researcher, Los Alamos National Laboratory DataCamp Data Privacy and Anonymization in R Laplace Sanitizer

335 views • 20 slides
How to fight the coronavirus SARS-CoV-2 and its disease, COVID-19 Michael Lin, PhD-MD Lin Lab

How to fight the coronavirus SARS-CoV-2 and its disease, COVID-19 Michael Lin, PhD-MD Lin Lab

How to fight the coronavirus SARS-CoV-2 and its disease, COVID-19 Michael Lin, PhD-MD Lin Lab Briefing 2020-03-13 Warning: Contains facts Bonus: Hand sanitizer recipe 3/16/20 This is not a pretty powerpoint This is an informational

362 views • 34 slides
TC80 Total Chlorine Analyzer Introduction to Chlorine Chlorine, Cl 2 , is a Diatomic Gaseous

TC80 Total Chlorine Analyzer Introduction to Chlorine Chlorine, Cl 2 , is a Diatomic Gaseous

TC80 Total Chlorine Analyzer Introduction to Chlorine Chlorine, Cl 2 , is a Diatomic Gaseous Element It is a strong oxidizer (wants electrons) The High Oxidation Potential makes it an efficient Sanitizer and Disinfectant. When

352 views • 18 slides
Welcome 2020-2021 When reporting to work, visiting a school site, or visiting the district

Welcome 2020-2021 When reporting to work, visiting a school site, or visiting the district

OVSD Child Development Programs Early Learning Preschools Welcome 2020-2021 When reporting to work, visiting a school site, or visiting the district office: Employees are required to use the hand sanitizer station upon entering the

642 views • 14 slides
Check-In Emphasis on Seamless & Touchless Customer Experience Self-service options designed

Check-In Emphasis on Seamless & Touchless Customer Experience Self-service options designed

Check-In Emphasis on Seamless & Touchless Customer Experience Self-service options designed to minimize unnecessary contact opportunities Process includes both self-clean (sanitizer stations and wellness kits) as 6. 1. well

110 views • 10 slides
Family of Protective Products Made in USA www.repelwell.com info@repelwell.com offers two lines

Family of Protective Products Made in USA www.repelwell.com info@repelwell.com offers two lines

Family of Protective Products Made in USA www.repelwell.com info@repelwell.com offers two lines of protectants FDA Approved Maximum Eco-Friendly Water Based Strength Liquid Hand Textile Sanitizer Protectant www.repelwell.com

621 views • 13 slides
STEELTON-HI GHSPI RE SCHOOL DI STRI CT 2020-2021 Pha se d Re Ope ning Pla n 2 Dist r ic t

STEELTON-HI GHSPI RE SCHOOL DI STRI CT 2020-2021 Pha se d Re Ope ning Pla n 2 Dist r ic t

STEELTON-HI GHSPI RE SCHOOL DI STRI CT 2020-2021 Pha se d Re Ope ning Pla n 2 Dist r ic t Pla nning- St e ps We ve Ta ke n The district has ordered supplies such The district participates in State and as hand sanitizer, face

584 views • 11 slides
Retur eturn to Sc n to School hool Saf Safety ety REOPENING IS A SHARED RESPONSIBILITY

Retur eturn to Sc n to School hool Saf Safety ety REOPENING IS A SHARED RESPONSIBILITY

Retur eturn to Sc n to School hool Saf Safety ety REOPENING IS A SHARED RESPONSIBILITY Entry process/screening: Hand-washing on entry to all schools, with soap and water or hand sanitizer Screening for symptoms in children and

385 views • 25 slides
2020 Board Strategic Workshop Jean Boudreau, FEC, P.Eng. President, Engineers Canada and Chair of

2020 Board Strategic Workshop Jean Boudreau, FEC, P.Eng. President, Engineers Canada and Chair of

2020 Board Strategic Workshop Jean Boudreau, FEC, P.Eng. President, Engineers Canada and Chair of the Strategic Plan Task Force 1 Safety procedures Do not shake hands Wash your hands and use hand sanitizer frequently Do not touch

1.38k views • 92 slides
Skin Hygiene Part of the Health and Wellbeing series Hand Washing Hand-washing is an easy way to

Skin Hygiene Part of the Health and Wellbeing series Hand Washing Hand-washing is an easy way to

Skin Hygiene Part of the Health and Wellbeing series Hand Washing Hand-washing is an easy way to prevent infection. Understand when to wash your hands, how to properly use hand sanitizer and how to get your children into the habit. Frequent

313 views • 5 slides
Running Apps at the Edge with AWS IoT Greengrass Machine Intelligence Modern Infrastructure

Running Apps at the Edge with AWS IoT Greengrass Machine Intelligence Modern Infrastructure

Running Apps at the Edge with AWS IoT Greengrass Machine Intelligence Modern Infrastructure http://mi2.live What is MI2? MI2 Webinars focus on the convergence of machine intelligence and modern infrastructure . Every alternate week, I deliver

335 views • 17 slides
CuteSIB Demo for Raspberry Pi The work is supported by the Ministry of Education and Science of

CuteSIB Demo for Raspberry Pi The work is supported by the Ministry of Education and Science of

Petrozavodsk State University Department of Computer Science Sergey Marchenkov, Andrey Borodulin, Dmitry Baganov, Dmitry Korzun CuteSIB Demo for Raspberry Pi The work is supported by the Ministry of Education and Science of Russia within

258 views • 6 slides
Linux on Raspberry Pi 3 on Mac OSX M ercy C ollege C YBERSECURITY Dr. John Yoon Remote

Linux on Raspberry Pi 3 on Mac OSX M ercy C ollege C YBERSECURITY Dr. John Yoon Remote

on Remote Access Linux on Raspberry Pi 3 on Mac OSX M ercy C ollege C YBERSECURITY Dr. John Yoon Remote Accesses For security reason VPN Putty VPN Download for Windows From:

243 views • 13 slides
HOW TO INTEGRATE NFC FRONTENDS IN LINUX WEBINAR SERIES: NFC SOFTWARE INTEGRATION JORDI JOFRE

HOW TO INTEGRATE NFC FRONTENDS IN LINUX WEBINAR SERIES: NFC SOFTWARE INTEGRATION JORDI JOFRE

HOW TO INTEGRATE NFC FRONTENDS IN LINUX WEBINAR SERIES: NFC SOFTWARE INTEGRATION JORDI JOFRE NFC READERS NFC EVERYWHERE 14/09/2017 PUBLIC Agenda NFC software integration webinar series Session I, 14th September How to integrate NFC

673 views • 39 slides
Exercise 2: Encoder / Decoder Framework Goals : Implement basic framework for encoder and decoder

Exercise 2: Encoder / Decoder Framework Goals : Implement basic framework for encoder and decoder

Exercise 2: Encoder / Decoder Framework Goals : Implement basic framework for encoder and decoder (without any real data processing) Implement block-wise processing of samples Encoder Operation Read image in PGM format Write data to bitstream

153 views • 3 slides
ECE 417, Lecture 6: Discrete Cosine Transform Mark Hasegawa-Johnson 9/6/2019 Outline DCT

ECE 417, Lecture 6: Discrete Cosine Transform Mark Hasegawa-Johnson 9/6/2019 Outline DCT

ECE 417, Lecture 6: Discrete Cosine Transform Mark Hasegawa-Johnson 9/6/2019 Outline DCT KNN How to draw the contour plots of a multivariate Gaussian pdf Discrete Cosine Transform Last time: PCA Why its useful: PCs are

654 views • 32 slides
Statistical challenges and opportunities in neural data analysis Liam Paninski Department of

Statistical challenges and opportunities in neural data analysis Liam Paninski Department of

Statistical challenges and opportunities in neural data analysis Liam Paninski Department of Statistics Center for Theoretical Neuroscience Grossman Center for the Statistics of Mind Columbia University http://www.stat.columbia.edu/ liam

506 views • 32 slides
System call tracing Ron Minnich Fifth IWP9 With thanks to Russ Cox, Jim McKie, and Noah Evans

System call tracing Ron Minnich Fifth IWP9 With thanks to Russ Cox, Jim McKie, and Noah Evans

Motivation Broken date Broken Troff Just use acid, right? How it works Comparing ratrace and strace Performance Summary System call tracing Ron Minnich Fifth IWP9 With thanks to Russ Cox, Jim McKie, and Noah Evans Ron Minnich System

194 views • 18 slides

More recommend