Fun fact: Iran penetrated the pentagon by loading viruses onto jump drives, loading jump drives into pillow cases and then driving past pentagon parking areas flinging handfuls of jump drives into parking lots. It only took one moron to grab a flash drive off the tarmac and go "hmmm gee free gadget let's see what's on it!" to get a trojan onto closed military networks, but dozens of people did so.
Worm by Mark Bowden, PP 124-125. So: Bowden lists 1 user, where I hyperbolized to "dozens." No foreign intelligence has ever been named in the Agent.btz attack but considering it first appeared "at a base in the Middle East" Iran is a good guess. But no one is exactly talking. Inside glimpse of the "hey, I just made wild claims without backing it up, what does it look like when I try to back it up?"Particularly troubling was the USB drive capability. It meant that even “closed” computer networks, those with no connection to the Internet, were vulnerable to the new strain, since users who cannot readily transmit files from point to point via the web often store and transport them on small USB drives. There had been just such a security breach at the Pentagon, one of the biggest closed networks, a notorious episode that confirmed the adage about a chain being only as strong as its weakest link. Someone had hurled fistfuls of USB drives out of a car window into a parking lot outside the gigantic military headquarters in Arlington. A defense department employee (the weak link) had picked one up off the pavement and, curious enough to be heedless, plugged it into a computer at the complex, thereby injecting a nasty virus into the large, supposedly sealed and secure military network. This had prompted a ban on all USB drives at secure government computers (about which more later).
Wrap it Up, it's 2015 http://int3.cc/products/usbcondoms
If I had the money/time, I'd buy or refurb a small laptop, wipe the hard drive clean and install Ubuntu. Then, I would intentionally try to get hacked, as I would have zero risk of leaking personal information. I'd have a machine on which to learn hacking as well. The only hard thing to remember is to never sign in to any personal account of yours over the web browser.
Apparently it doesn't take much to obliterate your USB port, and that's with a completely unpowered home-made device. Now I'm terrified of plugging anything into anything else forever. Out of curiosity, and USB nukes aside, what's the best way to read the data off a USB stick while protecting yourself against malware? The article mentioned booting into a throw-away OS, which I suppose would do the trick.