If you plug a USB drive into Microsoft Windows, in many cases it will try to do things “for you” with the drive. Not a great idea. There could be malware lurking on that USB drive.
There are a couple of things you can do to help mitigate the issue. These tips assume Windows 11.
Turn off Autoplay
- Open Settings. Press Windows + I to open the Settings app.
- Go to Bluetooth & devices. In the left sidebar, click on “Bluetooth & devices.”
- Select Autoplay. Scroll down and click on “Autoplay.”
- Turn Off Autoplay. You’ll see a toggle switch labeled “Use Autoplay for all media and devices.” Turn this off.
This will turn it off completely. You can, if you want, make individual settings for different types of devices.
Deny Execute Access (Pro or Enterprise versions of Windows 11)
- Open Group Policy Editor. Press Windows + R, type gpedit.msc, and press Enter.
- Navigate to the Removable Storage Access Policies. Go to Computer Configuration > Administrative Templates > System > Removable Storage Access.
- Modify Policies. You can enable the policy “Removable Disks: Deny execute access” to prevent execution from removable drives.
- Apply and Reboot.
Note, there are some cases where you may want to execute scripts or programs from a removable drive. If that’s the case, you may not want to do this, or make a note of it so you can re-enable if needed.
why the fuck did they re-enable autoplay? it was a terrible idea when they did it years ago and they quickly disabled it.
People are becoming even more tech illiterate.
I just checked a freshly installed Windows 11 and the autoplay is off by default.
So to follow up on the point you are trying to make: People are illiterate because they react loudly without checking what they react about. It’s enough for them to get a few online upvotes in a world where they don’t matter otherwise.
on this point…
I heard from someone in my local area that it’s getting to the point where people don’t even know how to use a mouse and keyboard.
this is the iPad generation…
There’s been several articles in the past 10 years pointing out that kids going for IT and CompSci degrees in college/uni are often not aware of file structures. The thought is that they are so used to just saving something on a mobile device, and when they want to use/send/view it, the apps just comb the whole system and present files that fit the required extension formats.
I recently had to rescue the SSD of a data science PhD student. While dumping the files, I noticed that he had a dozen copies of identically named large CSV files (I mean 20+ gigabytes each). I compared their checksums - they were copies of the same raw data file, just sitting there in the downloads folder. When I asked, he said he’d made several backups of the project. Including the data.
Unfortunately Windows somehow fucked up the partition table and took the “backups” with it.
He’s just following the 3-2-1 backup strategy - at least three copies of the data, two on different formats (.csv and .xls) and at least one copy in a different location (saved in the “Backup” folder instead of the “Documents” folder).
Ffs…what a nightmare!
I just checked a freshly installed Windows 11 and the autoplay is off by default.
So to follow up on the value of your question: People react loudly without checking what they react about. It’s enough for them to get a few online upvotes in a world where they don’t matter otherwise.
You are remembering that the executable features of autorun.inf is disabled, which is still true. Autoplay (if enabled) as it exists currently only applies for discovered media file types and makes your default configured media player responsible for handling them. It would not be possible to execute arbitrary tasks unless you had an ACE exploit for the installed media player.
Because people in general want things to be ‘easy’ far more than they they care about security risks they don’t understand. If they cared about security at all, they wouldn’t be plugging random USB sticks into their computers in the first place.
Because people get all their music from MP3s downloaded via limewire, and store them on usb drives apparently.
Such a modern operating system! Forward thinking Microsoft.
Uhhh… Shouldn’t you just not plug random shit into your computer?
Think of it as a seatbelt. You don’t plan on crashing your car, but shit happens. It’s even possible a brand new USB drive from a “reputable” company could have something on it.
It’s surprising how many people will plug in a random USB drive that they find. Apparently that’s how the CIA got the Stuxnet virus into Iran’s system and nerfed their centrifuges back in the day.
You forgot the lack of mental capacity in the average windows victim.
Usb killer: you guys do things with the computer?
Yeah but maybe someone else does it
Some malicious USB drives have a capacitor that will discharge and fry your whole system. Unless you have an air-gap system that you don’t care about, unknown USB drives should be disposed of.
Oh, and all this and more can be accomplished with a sneaky charging cable too. So you have to dial in your level of paranoia to suit your situation. The person most likely to tamper with your computer is a spouse. Search and chat histories as well as GPS devices are becoming common in divorce cases.
so one thing that has been driving me nuts is that windows is doing something to my external TB drive to where Ubuntu thinks its corrupt. (I have dual-boot) after googling it, windows sets the drive flag as a “dirty” NTFS system, and Linux no longer reads it afterwards. not sure if there’s any solution to fix that, but I’ll give these a shot.
You can use ntfsfix on the drive to do a check and remove dirty bit. This isn’t a full check though, and could mask or hide actual issues with the drive if it’s failing.
There’s also chkntfs which is more robust but I’m not sure if that’s open source and I’m not familiar with it.
Using ntfsfix is a good quick fix in my experience, but at the end of the day, NTFS is a Microsoft exclusive format and shared disks should be mounted in a format that both OSes can use, like exFAT, or Btrfs with the WinBtrfs driver (the latter I’m not familiar with, I’ve always used exFAT for shared disks, but I don’t use Windows anymore).
Did you try to disable “Fast Startup” ?
By default, Windows does not do a real shutdown anymore. It closes the user session and hibernates, to speed up the following start up. As a consequence, the Windows partition (and EFI partition ?) are not properly unmounted.
I just checked a freshly installed Windows 11 and the autoplay is off by default.
Were you trying to get upvotes just for the fun of it??
First of all I believe you are incorrect.
You’re doing a single anecdotal “test” from (I assume) one copy of the installation media. News flash, not all installation images of Windows 11 are the same.
And I will answer your anecdotal evidence with some anecdotal evidence of my own: almost every friend and coworker I’ve asked about this says Autoplay is on. And when I check Google or ChatGPT, they confirm that a fresh install of Windows 11 will have it on by default. So…I guess everyone else is wrong about this but you’re right about every installation of Windows 11.
Secondly, your question ignores the fact that people should probably check to see if it’s on. It can get turned on accidentally or even by an update. Microsoft is constantly messing arbitrarily with user preferences and settings with their weekly updates. You do know that, right?
Finally, you posted some version of this same reply multiple times in this thread. Why? Are you just doing that to “get upvotes for fun”?
BTW, there’s no karma on lemmy…upvotes don’t matter.
It’s fine to correct someone, but first do a better job of checking your methodology, and second, don’t assume their motivations for trying to share helpful info.
I checked two more computers after reading your reply (first time setups) and they all have autoplay off, so I remain skeptical of what you stated.
There are so many trolls and misinformation floating around.
As far as I have seen with those “fresh” installs, your information is not matching the reality here, so I’m moving on to other sources.
This was used as an attack vector more than 15 years ago,I can’t believe they re enabled it honestly. There was a virus on my school’s pcs which installed itself on the USB keys and people just went home and spread it everywhere without clicking on anything thanks to autoplay. Also “asked to chatgpt” lmao.