USB malware

ph0bYx
Staff Member
Posts: 2039
Joined: 22 Sep 2008, 16:00

USB malware

Post by ph0bYx »

Hey guys. I haven't been using an AV for quite some time now, but I'm always careful about what I download and which sites I visit.
I'm worried about the USB malware because when I lend my USB stick to a friend I always get it back with at least 3 different viruses/worms on it. Now that I'm not using an AV (only the Comodo firewall), I'm curious what precautionary measures there are against that type of malware? My AV used to scan them and delete as soon as I connect the USB stick, but now it could be a bit tricky and I don't want to install an AV + update it every time for it, in fact I don't want to have any traces of an AV on my winXP box at all.

What are your suggestions?

bad_brain
Site Owner
Posts: 11636
Joined: 06 Apr 2005, 16:00
Location: In your eye floaters.

Re: USB malware

Post by bad_brain »

hmmm....it is in fact tricky on Windows, on Linux it would be damn easy by changing the auto-mount permissions of a USB device.
the only practicable option I can imagine at the moment is to mount the USB stick into a sandbox environment. sadly the only app I found by a quick google check is shareware...it still works after 30 days (with some disabled advanced features) but there is a "reminder" feature that is surely annoying... :roll:

but well, sometimes software is found on the pavement as you surely know...*cough-cough*
if you're interested:
http://www.sandboxie.com/

I am pretty sure there were sandbox apps available on VX heavens, but it seems they are not there anymore... :-k

z3r0aCc3Ss
Fame ! Where are the chicks?!
Posts: 700
Joined: 23 Jun 2009, 16:00

Re: USB malware

Post by z3r0aCc3Ss »

Use USB Disk Security
or
Block all the external devices' autorun
Beta tester for major RATs, all kinds of stealers and keyloggers.
Learning NMAP

ph0bYx
Staff Member
Posts: 2039
Joined: 22 Sep 2008, 16:00

Re: USB malware

Post by ph0bYx »

bad_brain: how convenient, Comodo firewall has a sandbox option :D

z3r0aCc3Ss: installing new software is what I'm trying to avoid ;)

Thanks guys for the suggestions!

DNR
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
Location: Michigan USA

Re: USB malware

Post by DNR »

It's a trust issue - you cannot trust your machine after it uses a USB stick that is used by other people. You already know they tend to get viruses and malware. That stick should not be near your primary machine.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

leetnigga
Fame ! Where are the chicks?!
Posts: 447
Joined: 28 Jul 2009, 16:00

Re: USB malware

Post by leetnigga »

It's actually a configuration issue. If your machine is set up to automatically run code from untrusted devices, you are not a clever man.
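
Added example, not part of any post in this thread: a Python sketch of checking the autorun configuration discussed above. It decodes a `NoDriveTypeAutoRun` registry value into the drive types that still have AutoRun enabled and lists what an `autorun.inf` asks Windows to launch, without executing anything; the function names, the sample value 0x91 and the sample file contents are constructed for illustration.

```python
# Added example: function names and sample data are constructed.

# NoDriveTypeAutoRun bit flags (value under
# HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer).
# A set bit disables AutoRun for that drive type; 0xFF disables all.
DRIVE_TYPE_BITS = {
    "unknown": 0x01,
    "removable": 0x04,
    "fixed": 0x08,
    "network": 0x10,
    "cdrom": 0x20,
    "ramdisk": 0x40,
}

def autorun_still_enabled(value):
    """Return the drive types for which this value leaves AutoRun enabled."""
    return [name for name, bit in DRIVE_TYPE_BITS.items() if not value & bit]

LAUNCH_KEYS = ("open", "shellexecute")

def autorun_targets(inf_text):
    """List (key, command) launch entries in autorun.inf text; runs nothing."""
    targets, in_section = [], False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[autorun]"
            continue
        # Skip other sections, comments and lines that are not key=value.
        if not in_section or line.startswith(";") or "=" not in line:
            continue
        key, _, val = line.partition("=")
        key = key.strip().lower()
        # shell\<verb>\command entries add launch points to the drive's menu.
        if key in LAUNCH_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            targets.append((key, val.strip()))
    return targets

# Constructed sample autorun.inf contents (file names are made up).
SAMPLE_INF = """\
[AutoRun]
; junk line
open=recycler\\update.exe
icon=folder.ico
shell\\explore\\command=recycler\\update.exe
"""

if __name__ == "__main__":
    print("0x91 leaves AutoRun on for:", autorun_still_enabled(0x91))
    print("0xFF leaves AutoRun on for:", autorun_still_enabled(0xFF))
    for key, cmd in autorun_targets(SAMPLE_INF):
        print(key, "->", cmd)
```

An empty list from `autorun_still_enabled` means AutoRun is off for every drive type; any entry returned by `autorun_targets` is a file on the stick worth examining before the stick is opened in Explorer.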

DNR
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
Location: Michigan USA

Re: USB malware

Post by DNR »

leetnigga wrote: It's actually a configuration issue. If your machine is set up to automatically run code from untrusted devices, you are not a clever man.
He never said anything about the USB stick automatically running code, he said he kept finding malware on the stick after getting it back. He wanted to figure out what to do without having to run an AV on it - my point was, if you can't trust who you loan the stick to, don't use the stick again.
The same trust rule applies to the machine, you cannot expect your machine to be 'trusted' if you let other roommates or college buddies use it.

The 'trusted' thinking applies to smart sysadmins, for example - they know not to connect the payroll server to the same network the internet has access to. You have to develop 'trusted' zones, or various levels of security zones - so you can apply the right measure of security and not redundant systems.

-DN