Date: Mon, 09 Jan 2012 14:56:15 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Florian Weimer <fw@...eb.enyo.de> Subject: Re: Malicious devices & vulnerabilties On 01/09/2012 12:35 PM, Florian Weimer wrote: > * Kurt Seifried: > >> Firewire has DMA. >> >> http://cansecwest.com/core05/2005-firewire-cansecwest.swf >> >> eSATA - also does DMA. >> >> Thunderbolt also does DMA. >> >> In other words a lot of the newer/higher end interfaces all do DMA >> which is ... a problem. > Gigabit Ethernet adapters also do DMA. Is it really the case that the > (e)SATA implementation is as problematic as IEEE 1394? I don't think > SATA exposes the DMA functionality over the wire. Hmmm yeah reading some Intel docs it would appear they did DMA and SATA sanely http://www.intel.com/assets/pdf/whitepaper/252664.pdf However it would appear Thunderbolt didn't do such a good job: http://www.theregister.co.uk/2011/02/24/thunderbolt_mac_threat/ -- -- Kurt Seifried / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ