Latch USB Monitor

Monitors Plug ‘n Play device (PNP) changes in Windows and gives the user the possibility of tracking incoming devices, and react accordingly to a preconfigured Latch response

Tool description

New tool to monitor PNP devices with Latch.

Latch USB Monitor is a tool that monitors Plug ‘n Play device (PNP) changes in Windows and gives the user the possibility of tracking incoming devices, and react accordingly to a preconfigured Latch response. For instance, it would allow to block USB ports so it will not recognize a new inserted memory USB stick until it is authorized with the movile device.

Latch USB Monitor works as a service and has a GUI to configure it. That means it still works and monitors incoming devices even when no user is logged in. The service is constantly monitoring any device with the characteristics given by the user. When it occurs, it asks Latch servers and reacts in the way that the user has configured it.

It may as well be used as an alerting system, with no action associated to an event. So if a device is plugged to the machine, a blocking message is sent by Latch to the mobile device, but no action is taken.

Functionalities

First of all, a Latch account has to be set with a pairing token. Go to Latch management and add the App ID and secret. A timeout is specified here. This means that if the computer is not connected to a network or, for any other reason it cannot get a response from Latch in the specified time limit (0 milliseconds by default which corresponds to no timeout) the “no response” action is applied.

HOW TO ADD AND CONFIGURE AN EVENT

Each monitored device, may have these fields:

- Device (optional): If your device is currently plugged in, you can choose it from this dropdown menu where all attached devices are listed.

- Description (optional): Giving a meaningful description of the device helps you better identify it in the main list.

- Instance ID: The ID that uniquely identifies a device in a Windows machine. When an arriving Device Instance ID is detected it goes through a matching system that can be used to discard or allow the rule. If the string set matches, the Latch query will be launched. This is treated as a string, so “Starts with”, “Contains”… may be used to match.

- Operation ID: The operation ID used in Latch.

- Actions.Open (optional): If the Latch query responds with an “on”, the process specified here will be launched, with the specified argument set (optional).

- Actions.Closed (optional): If the Latch query responds with an “off”, the process specified here will be launched, with the specified argument set (optional).

- Actions.No response (optional): If the Latch query doesn’t respond (because there’s no connectivity, for instance, after the timeout declared in “Latch settings”), the process specified here will be launched, with the specified argument set (optional).
Latch USB Monitor
OUR TOOLS

Pn Patrol for Firefox

IDENTITY AND PRIVACY

Firefox extension that shows in a readable format, the state of HSTS (HTTP Strict Transport Security) and HPKP (HTTP Public Key Pins) domains stored by the browser.

EmetRules

CONFIDENCE ON THE INTERNET

A simple command line tool that creates a configuration for importing into EMET, so that the user does not need to take any action.

Pin Patrol for Chrome

IDENTITY AND PRIVACY

A tool for improving the experience using HSTS and HPKP in Chrome. It shows this information in a human readable way, from your own browser or from any other.