3

I have a somewhat hypothetical situation where I need to re-image a machine using a USB thumb drive; however, I cannot be certain that the drive itself is malware-free. It is the only thumb drive that I have at my disposal.

The machine that I need to re-image is more than likely infected with some type of malware, so I cannot be sure that wiping a removable drive from that computer will actually wipe it without having it re-infected. Something that I thought might mitigate the risk of exposure to another machine would be to use the infected machine and enable BitLocker To Go encryption on the removable drive, so if anything malicious was on the drive it would be contained within an encrypted volume, making it safe to wipe on another machine as long as I did not decrypt it.

Would this work or is there something that I'm not considering?

Jingo
  • What if you create a live CD, boot from the CD and wipe the USB drive using the live boot OS? – 16b7195abb140a3929bbc322d1c6f1 Jan 11 '16 at 05:14
  • @mk444 That would be a perfectly good way to wipe the drive securely but for the sake of the scenario I do not have any live CDs at my disposal. The machine that I would be using to wipe the drive also has a locked BIOS not allowing it to be booted to any other medium. – Jingo Jan 11 '16 at 06:20
  • What if you do this. Go over to the un-infected PC. Remove the hard disk and boot from the LiveCD then wipe the USB? – 16b7195abb140a3929bbc322d1c6f1 Jan 11 '16 at 06:33
  • Are you talking here of USB malware at the firmware level, at the core storage level or at the file system level? – dan Jan 11 '16 at 07:58

1 Answer

2

BitLocker would possibly reduce the risk for old-school viruses that embed themselves directly in executable files. However, there is a whole class of USB vulnerabilities that exist at the hardware level, that live below any partition or file system scheme. While it would protect against some viruses doing their thing, I'd consider investing in a hardened USB drive that offers firmware protection and encryption. Normal consumer USB drives simply cannot be trusted to resist infection when you try to protect them at the OS level. (NOTE: This link is only meant to provide an example; actual research on available options is strongly recommended).

phyrfox
  • Thank you for mentioning firmware vulnerabilities, that is something that I did not even consider and I will definitely check out those Apricorn drives. – Jingo Jan 12 '16 at 01:19