oss-sec mailing list archives

Re: Malicious devices & vulnerabilties

From: Florian Weimer <fw () deneb enyo de>
Date: Mon, 09 Jan 2012 20:35:53 +0100

* Kurt Seifried:

Firewire has DMA. 

http://cansecwest.com/core05/2005-firewire-cansecwest.swf

eSATA - also does DMA.

Thunderbolt also does DMA. 

In other words a lot of the newer/higher end interfaces all do DMA
which is ... a problem.


Gigabit Ethernet adapters also do DMA.  Is it really the case that the
(e)SATA implementation is as problematic as IEEE 1394?  I don't think
SATA exposes the DMA functionality over the wire.

Current thread:

Re: Malicious devices & vulnerabilties, (continued)
- Re: Malicious devices & vulnerabilties Florian Weimer (Jan 08)
  - Re: Malicious devices & vulnerabilties Eugene Teo (Jan 08)
    - Re: Malicious devices & vulnerabilties Alistair Crooks (Jan 08)
    - Re: Malicious devices & vulnerabilties Ludwig Nussel (Jan 09)
    - Re: Malicious devices & vulnerabilties Alistair Crooks (Jan 09)
  - Re: Malicious devices & vulnerabilties Xi Wang (Jan 08)
    - Re: Malicious devices & vulnerabilties Eitan Adler (Jan 08)
    - Re: Malicious devices & vulnerabilties Xi Wang (Jan 08)
    - Re: Malicious devices & vulnerabilties Vasiliy Kulikov (Jan 09)
    - Re: Malicious devices & vulnerabilties Kurt Seifried (Jan 08)
    - Re: Malicious devices & vulnerabilties Florian Weimer (Jan 09)
    - Re: Malicious devices & vulnerabilties Kurt Seifried (Jan 09)
- Re: Malicious devices & vulnerabilties Greg KH (Jan 08)
  - Re: Malicious devices & vulnerabilties Xi Wang (Jan 08)
  - Re: Malicious devices & vulnerabilties Hanno Böck (Jan 08)
    - Re: Malicious devices & vulnerabilties Eugene Teo (Jan 08)
- Re: Malicious devices & vulnerabilties Eitan Adler (Jan 08)