Put me out to pasture, my conference swag skills are failing.
I picked this up at Solar Power International:
I thought I was picking up a USB memory stick, as I’d nabbed one in the same form factor before. Break off the backing card at the hinge, and you’ve got a nice tiny data store like the Kingmax ones I used to use.
On plugging it into my Mac, a couple of icons bipped on my dock, then Skype opened. Wat? More importantly, there was no storage to be seen, so once my virus fears had subsided a bit, I was determined to find out what this pointless piece of plastic was doing.
The stick identified itself to the system as an Apple keyboard (USB ID 05ac:020b), and spits out the following characters (captured by cat and xxd on my Raspberry Pi):
0000000: 1b72 1b5b 317e 1b5b 3477 7777 2e62 757a .r.[1~.[4www.buz 0000010: 7a63 6172 642e 7573 2f73 6365 2d32 3230 zcard.us/sce-220 0000020: 0a .
After reading about evil USB dongles, it seems that the Ctrl-R keypress it’s sending is the Windows “Open Browser” command, and then opens the url
www.buzzcard.us/sce-220. This link redirects to
www.plugyourbrand.com/gosolar_sce/index.html?u=220, which appears to do some Flash/JS stuff which I don’t want to understand.
The funny thing is, the card has the perfectly respectable www.GoSolarCalifornia.ca.gov (well, respectable if you consider a US .gov website as such) link printed on it. Even printing a card with a QR code linking to that address would be less opaque.
As is, a bunch of plastic was wasted in vain just to save people typing an URL. We’re all going to die, and it really is your fault …