On Fri, Oct 17, 2014 at 07:01:05PM +0200, Bjørn Mork wrote:
> Alan Stern <stern@xxxxxxxxxxxxxxxxxxx> writes:
>
> > The exploitability lies in what you mentioned above: that you have to
> > be aware of what you plug into your machine, and that devices that were
> > previously thought not to be corruptible actually are. Taken together,
> > these two ingredients make up a recipe for a social exploit: reprogram
> > an innocent-looking device and give it to someone who doesn't realize
> > how dangerous it could be.
> >
> > Furthermore, there's no reasonable way to test for this sort of attack.
> > That is, given a USB device, you can't easily determine whether the
> > firmware it contains is dangerous without exposing yourself to the
> > danger. The only effective defense is never to plug in a USB device
> > unless you know it has never been used by anybody else.
>
> This really isn't any different for any other bus protocol, is it? The
> only thing making USB special is that both ports and devices are so
> common. But you do have the same issue with Cardbus/ExpressCard
> devices, Thunderbolt devices or any other hotpluggable device with
> firmware in flash.

Thunderbolt/cardbus/expresscard/firewire all are worse in that the
device itself can sniff memory anywhere in the system if it wants to,
which is _much_ worse than anything USB could even dream of doing.

thanks,

greg k-h