On 2017-11-08, R0b0t1 <r03...@gmail.com> wrote:
> On Tue, Nov 7, 2017 at 11:08 PM, Dale <rdalek1...@gmail.com> wrote:
>> Howdy,
>>
>> I ran up on this link. Is there any truth to it and should any of us
>> Gentooers be worried about it?
>>
>> http://www.theregister.co.uk/2017/11/07/linux_usb_security_bugs/
>>
>> Isn't Linux supposed to be more secure than this??
>>
>
> In theory. There was no comment on the existence of such bugs in the
> Windows driver stack, but they likely exist. However, note:
>
> "The impact is quite limited, all the bugs require physical access to
> trigger," said Konovalov. "Most of them are denial-of-service, except
> for a few that might be potentially exploitable to execute code in the
> kernel."
Expecting a machine to be immune from DoS attacks by somebody who is
allowed to touch the machine is indeed delusion on a pretty grand
scale. Expecting a machine to be immune to other non-DoS attacks when
they can touch the machine is moderately deluded.
--
Grant Edwards grant.b.edwards Yow! Don't hit me!! I'm in
at the Twilight Zone!!!
gmail.com
