Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: Malicious devices & vulnerabilties
From: Kurt Seifried <kseifrie () redhat com>
Date: Mon, 09 Jan 2012 00:11:24 -0500 (EST)

Firewire has DMA. 

http://cansecwest.com/core05/2005-firewire-cansecwest.swf

eSATA - also does DMA.

Thunderbolt also does DMA. 

In other words a lot of the newer/higher end interfaces all do DMA which is ... a problem.

-Kurt

----- Original Message -----
From: "Xi Wang" <xi.wang () gmail com>
To: oss-security () lists openwall com
Sent: Sunday, January 8, 2012 1:13:37 PM
Subject: Re: [oss-security] Malicious devices & vulnerabilties

On Jan 8, 2012, at 6:19 AM, Florian Weimer wrote:
I think they should be considered vulnerable.  Some applications need
some robustness to attacks even from the local console (e.g., student
computer rooms).

Thanks for bringing that up.  Student computer rooms are a
nice example, and a good old memory. ;-)

USB is also a popular transport in many air-gapped environments.

What else might be on this "untrusted" device list?  Firewire?
I guess those in the PC box don't count.

- xi


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]