Qubes uses VT-D to protect against DMA attacks on things such as WiFi chip.
But are there any proven DMA attacks against wired networking, i.e. Ethernet..? Hackers can exploit a buffer overflow on the network card's firmware, and use that to take control of the network card, and issue a DMA attack to take control of the entire host computer. I previously posted a thread about this on qubes-users ("Question on DMA attacks") ... and Marek mentioned WiFi when speaking of DMA attacks. Is Ethernet also vulnerable...? Or just WiFi..? I say this because I wanted to build a Tor router that sits between Qubes and my main router... so that even if Qubes gets hacked, they can only see what I'm doing, and not WHO I am. The theory being, that there are no exploits for Tor itself, and only for the Firefox browser. Thus, the IP address is always obscured behind the Tor router. So my router box is going to have Ethernet only, because if my Qubes is hacked, then it could just use WiFi to scan for nearby routers, including my own WiFi router, and thus identify me. So, wired networking is a must. And thus, I wanted to know if Ethernet is vulnerable to DMA attacks, because if it is, then I would have to use Qubes for the Tor box in the middle.. or at least, use some OS that supports VT-D, even if it's not Qubes. Qubes has high system requirements, thus I'd prefer to have a cheap computer as the Tor router in the middle.. But if there truly are exploits against Ethernet, then I'll just have to use Qubes. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5db2fc77-ecfe-446e-8ee1-80309bf3b05c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.