Re: unfixable usb porthole


 



Alan Stern <stern@xxxxxxxxxxxxxxxxxxx> writes:

> The exploitability lies in what you mentioned above: that you have to 
> be aware of what you plug into your machine, and that devices that were 
> previously thought not to be corruptible actually are.  Taken together, 
> these two ingredients make up a recipe for a social exploit: reprogram 
> an innocent-looking device and give it to someone who doesn't realize 
> how dangerous it could be.
>
> Furthermore, there's no reasonable way to test for this sort of attack.  
> That is, given a USB device, you can't easily determine whether the
> firmware it contains is dangerous without exposing yourself to the
> danger.  The only effective defense is never to plug in a USB device
> unless you know it has never been used by anybody else.

This really isn't any different for any other bus protocol, is it?  The
only thing making USB special is that both ports and devices are so
common.  But you do have the same issue with Cardbus/ExpressCard
devices, Thunderbolt devices or any other hotpluggable device with
firmware in flash.  And non-hotpluggable devices too, really.  The PCIe
ethernet card you bought on eBay could be programmed to do more than
just ethernet.  There is no way to tell without plugging it in.


Bjørn (feeding the paranoia)