A message I just (Tuesday, September 30th, 2025 8:36 AM CDT) posted to the Tails Dev mailing list about USB FLASH DRIVE SECURITY VULNERABILITY
Date: Tue, 30 Sep 2025 08:35:58 -0500 (CDT)
From: JOSEPH WILLIAM BAKER® <jb@remedycoin.com>
To: tails-dev@boum.org
Cc: cc <cc@evidencebuilder.com>
Message-ID: <1124077556.2826.1759239358600.JavaMail.zimbra@remedycoin.com>
Subject: Wireless Vulnerability in All USB Memory Sticks
Two department heads within a reclamation department of the US Department of Defense told me circa 2013 that SAP had discovered a wireless vulnerability in USB memory sticks.
I know you guys lean heavily on using USB memory sticks to boot your live Linux distribution, thinking it’s safe from spying, but nothing could be further from the truth.
I recommend instead using a live DVD with the kernel option TORAM used to load your OS. Then figure out a way to mount your storage over the network from somewhere else. Perhaps with a ram drive overlay.
I remember a wifi card back around 2007 that had a vulnerability that allowed remote access to the whole motherboard – no matter the OS or driver. There is every reason to suspect that the sort of back door we are talking about here could have such wide access.
These are undocumented wireless methodologies as far as I know.
The officers told me this was how the US Government caused the Iranian uranium enrichment machines to spin to speeds far above the speeds they were supposed to spin at. These supposedly “air-gapped” machines were using USB flash drives. They went on to say the only reason they could tell me was because SAP had made the discovery public so it was no longer classified information.
The DOD does not allow USB flash drives on its networks. It might be advisable to follow their policies for data management.
I told Bob Stanley of FreeOS about this circa 2018 in Acapulco, Mexico, and
he wanted me to not talk about it. FreeOS was re-branding Tails and making
a privacy-centric tool and economic infrastructure around the DASH
cryptocurrency.
I’ve continued posting about this from time to time sharing this information
with those whom I felt it important to share with. I told some people in
the Bitcoin Meetup of Silicon Valley where I was a co-organizer.
Regards,
Joseph William Baker®
https://josephwilliambaker.com