Senior Threat Researcher
François Paget is a senior threat research engineer and one of the founding members of McAfee Labs, where he conducts a ...
Yesterday in Toulouse, France, I was invited by CLUSIR-MP (the information systems security group for the Midi-Pyrenees region) to speak at its annual cybercrime overview conference. I spoke about the new faces of hacktivism. During the question and response session, someone in the audience asked the speakers about the “dead drop” or dead-letter-box phenomenon. A panelist from the police force compared this situation to the secret places used by drug dealers to swap drugs and money, using a hiding place behind a removable stone in some old walls, for example. But most of us were skeptical and asked the questioner for more details. He explained that he had discovered a USB key set in the cement on the street near his front door.
Searching online, I rapidly found deaddrops.com. This site explains that the dead-drop project is an anonymous, offline, peer-to-peer file-sharing network in public spaces. The media are USB flash drives embedded into walls, buildings, and curbs, where anybody can drop files onto the drive or find files on it. Each participant just has to plug in a laptop and share files and data.
A world map and a database list 385 USB keys around the world, representing total storage of 1,140 GB. According to the map, Europe (with Germany and France in the lead) is better covered than the United States.
The following four pictures were taken in Paris:
I have to say I find this initiative funny. I am curious to know what kind of data we can find on these keys: Malicious code? Music and video (from legal or illegal downloads)? All sorts of pictures? I will visit some of these keys soon and will keep you informed if my catch is fruitful.
Malicious code for USB flash drives is a problem in general, and the danger that these keys might be misused is clearly mentioned in the FAQ associated with this project. The curious, occasional, or frequent users of these keys will have to be vigilant. If you must use these sharing “sites,” it’s best to connect with a virtual machine or computer dedicated to this activity, one without any confidential or precious data.