oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Malicious devices & vulnerabilties

From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 08 Jan 2012 12:19:44 +0100
* Xi Wang:


I am wondering where to draw the line.  Should such device drivers
be considered vulnerable or not?  Thanks.


I think they should be considered vulnerable.  Some applications need
some robustness to attacks even from the local console (e.g., student
computer rooms).

USB is also a popular transport in many air-gapped environments.
Previous By Date Next
Previous By Thread Next

Current thread: