mailing list archives
Re: Malicious devices & vulnerabilties
From: Kurt Seifried <kseifrie () redhat com>
Date: Mon, 09 Jan 2012 00:11:24 -0500 (EST)
Firewire has DMA.
eSATA - also does DMA.
Thunderbolt also does DMA.
In other words a lot of the newer/higher end interfaces all do DMA which is ... a problem.
----- Original Message -----
From: "Xi Wang" <xi.wang () gmail com>
To: oss-security () lists openwall com
Sent: Sunday, January 8, 2012 1:13:37 PM
Subject: Re: [oss-security] Malicious devices & vulnerabilties
On Jan 8, 2012, at 6:19 AM, Florian Weimer wrote:
I think they should be considered vulnerable. Some applications need
some robustness to attacks even from the local console (e.g., student
Thanks for bringing that up. Student computer rooms are a
nice example, and a good old memory. ;-)
USB is also a popular transport in many air-gapped environments.
What else might be on this "untrusted" device list? Firewire?
I guess those in the PC box don't count.
Re: Malicious devices & vulnerabilties Greg KH (Jan 08)
Re: Malicious devices & vulnerabilties Eitan Adler (Jan 08)