We frequently talk about recent security threats, including the new Trojan horse called “Locky” that encrypts your information forever, making it impossible to read.
Unfortunately, Locky is not the only virus that can cause problems for your operating system. There are many other types of viruses which can silently infiltrate a computer without you even noticing it. One of the most common and easiest ways of accessing your system is through an external flash or a hard drive.
There are a number of software solutions to help prevent such infection, as well as a radical and 100 percent secure hardware method. You can protect your USB ports from an unauthorized access for a short period of time simply by disabling the ports.
If you are using Windows…
All that you need is Notepad and an administrator-level account.
First, create a new document, then copy and paste the following text:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
”Start”=dword:00000004
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR\Enum]
”Count”=dword:00000000
”NextInstance”=dword:00000000
Save the file in the desired location and name it usboff.reg. Be sure to save it with the .reg extension and not .txt, or this trick will not work.
Now repeat the process, changing only two parts: in the line ”Start”=dword:00000004 change the 4 to a 3 , and then save a new file named usbon.reg.
Done!
Now when you want to disable the USB port, simply open the usboff.reg file and confirm the change. This will block any external drive plugged into your PC from working. As you might have guessed, opening and confirming the usbon.reg file will do just the opposite, once again enabling the USB port.
Assuming you are the only one with administrator-level access to the computer in question, no one will be able to change these files except you.
Now for the Mac
This trick is slightly more complicated than on Windows.
OS X 10.11 El Capitan brought with it an additional level of security for your Mac: System Integrity Protection (SIP), which prevents system-related files from modification. Even if you have an administrator-level account, you won’t be able to make changes to these files.
Apple’s new protection policy may have good intentions, but it clearly doesn’t help with our mission to disable USB.
NB! If you are using a USB keyboard or mouse, please don’t attempt this trick! You won’t be able to use these input devices, requiring an alternate method such as Bluetooth.
You can disable SIP by booting into recovery mode. Restart your Mac and hold Command+R as it boots.
From the menu, select Utilities > Terminal. In the Terminal window, type csrutil disable, press Enter, then restart your Mac.
To reenable SIP, launch Terminal while in Recovery mode, but this time type csrutil enable, then press Enter and restart.
But there’s an easier way – download and install the new Paragon Hard Disk Manager for Mac®, which provides, on top of other useful functions, one-click SIP disable feature.
When your SIP is disabled, do the following: open Finder and select Go -> Go to Folder from the menu. Copy and paste the /System/Library/Extensions path into the field and look for two files located there:
IOUSBMassStorageClass.kext
IOFireWireSerialBusProtocolTransport.KEXT
Move these files to the Desktop or other location, but be sure to keep them somewhere safe — you’ll need them to enable your USB ports again!
These small tricks can help you protect your information from being stolen or damaged. If you are interested in more advanced and useful features to protect your Mac, try our new Paragon Hard Disk Manager for Mac, a powerful disk management utility for OS X, featuring:
- System Integrity Protection in OS X 10.11 El Capitan support;
- Core Storage backup and restore;
- Snapshot-driven backup;
One thought on “An extremely simple trick to keep your Mac or PC from unauthorized access”