Most people don’t give a second thought to leaving their computer alone for a bit, feeling secure that if it’s locked and password-protected, nobody’s going to be able to do anything with it. A new device called PoisonTap can bypass a locked computer, and it only costs about $5.
With PoisonTap, created by a hacker developer named Samy Kamkar, all a ne’er-do-well has to do is plug it into a USB port, hang out for a minute, unplug it and go. The device, built as a network device on a Raspberry Pi Zero, tricks the victim computer into thinking that it’s the internet and has the computer send traffic to it. The hacker then has access to your online information, including cookies.
On the plus side, it doesn’t steal any information transmitted with HTTPS encryption, and a browser needs to be open in the background of your computer when you plug in the PoisonTap. While this isn’t something everyone needs to worry about, since it requires physical access to the computer, if you are concerned you can just shut down your computer when you’re not using it, or, more simply, just shut your browser before you lock the machine.