Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: Malicious devices & vulnerabilties
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 09 Jan 2012 14:56:15 -0700

On 01/09/2012 12:35 PM, Florian Weimer wrote:
* Kurt Seifried:

Firewire has DMA. 

http://cansecwest.com/core05/2005-firewire-cansecwest.swf

eSATA - also does DMA.

Thunderbolt also does DMA. 

In other words a lot of the newer/higher end interfaces all do DMA
which is ... a problem.
Gigabit Ethernet adapters also do DMA.  Is it really the case that the
(e)SATA implementation is as problematic as IEEE 1394?  I don't think
SATA exposes the DMA functionality over the wire.
Hmmm yeah reading some Intel docs it would appear they did DMA and SATA
sanely

http://www.intel.com/assets/pdf/whitepaper/252664.pdf

However it would appear Thunderbolt didn't do such a good job:

http://www.theregister.co.uk/2011/02/24/thunderbolt_mac_threat/

-- 

-- Kurt Seifried / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault