The tool didn’t tell me anything I didn’t already know, since everything on its report was something I plugged into the computer myself. However, I think it would be a valuable aid to help enforce policies on a network. These USB devices are becoming ubiquitous and they can introduce viruses or be used to spirit away confidential data.

There was an interesting report of a security consultant who dropped USB flash drives around a company parking lot. A significant number of them were picked up and subsequently plugged in, where auto-start software on the drive ran and emailed the consultant that they had been plugged in. This could just have well been a malicious program, a keystroke logger, or something that just zipped up all the data on the hard drive and transmitted it.