YSK: Removable drives/thumb drives are potentially dangerous in Windows 11
If you plug a USB drive into Microsoft Windows, in many cases it will try to do things "for you" with the drive. Not a great idea. There could be malware lurking on that USB drive.
There are a couple of things you can do to help mitigate the issue. These tips assume Windows 11.
Turn off Autoplay
Open Settings. Press Windows + I to open the Settings app.
Go to Bluetooth & devices. In the left sidebar, click on "Bluetooth & devices."
Select Autoplay. Scroll down and click on "Autoplay."
Turn Off Autoplay. You'll see a toggle switch labeled "Use Autoplay for all media and devices." Turn this off.
This will turn it off completely. You can, if you want, make individual settings for different types of devices.
Deny Execute Access(Pro or Enterprise versions of Windows 11)
Open Group Policy Editor. Press Windows + R, type gpedit.msc, and press Enter.
Navigate to the Removable Storage Access Policies. Go to Computer Configuration > Administrative Templates > System > Removable Storage Access.
Modify Policies. You can enable the policy "Removable Disks: Deny execute access" to prevent execution from removable drives.
Apply and Reboot.
Note, there are some cases where you may want to execute scripts or programs from a removable drive. If that's the case, you may not want to do this, or make a note of it so you can re-enable if needed.
It was just beginning so they didn't know and didn't need to know. Now tech is everywhere, after them you needed to know to get it to work and it was more widespread. Now it's very widespread but so user-friendly that you don't need to know.
There's been several articles in the past 10 years pointing out that kids going for IT and CompSci degrees in college/uni are often not aware of file structures. The thought is that they are so used to just saving something on a mobile device, and when they want to use/send/view it, the apps just comb the whole system and present files that fit the required extension formats.
I recently had to rescue the SSD of a data science PhD student. While dumping the files, I noticed that he had a dozen copies of identically named large CSV files (I mean 20+ gigabytes each). I compared their checksums - they were copies of the same raw data file, just sitting there in the downloads folder. When I asked, he said he'd made several backups of the project. Including the data.
Unfortunately Windows somehow fucked up the partition table and took the "backups" with it.
He's just following the 3-2-1 backup strategy - at least three copies of the data, two on different formats (.csv and .xls) and at least one copy in a different location (saved in the "Backup" folder instead of the "Documents" folder).
Was a Lab Assistant for the first Programming class for a Comp Sci degree, back in the very early 2010's. Helping some of the students get set up with the IDE was... special.
I just checked a freshly installed Windows 11 and the autoplay is off by default.
So to follow up on the point you are trying to make: People are illiterate because they react loudly without checking what they react about. It's enough for them to get a few online upvotes in a world where they don't matter otherwise.
I just checked a freshly installed Windows 11 and the autoplay is off by default.
So to follow up on the value of your question: People react loudly without checking what they react about. It's enough for them to get a few online upvotes in a world where they don't matter otherwise.
Because people in general want things to be 'easy' far more than they they care about security risks they don't understand. If they cared about security at all, they wouldn't be plugging random USB sticks into their computers in the first place.
You are remembering that the executable features of autorun.inf is disabled, which is still true. Autoplay (if enabled) as it exists currently only applies for discovered media file types and makes your default configured media player responsible for handling them. It would not be possible to execute arbitrary tasks unless you had an ACE exploit for the installed media player.