Re: Re.: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Hi all Hans Petter Selasky wrote: > On 09/20/17 20:06, Julian H. Stacey wrote: > > A tiny diff to make it easier to grep sysctl descriptions: > > > > http://www.berklix.com/~jhs/src/bsd/fixes/FreeBSD/src/gen/sys/dev/usb/usb_hub.c.REL=12.0-CURRENT.diff > > Hi, > > Please wrap the long string

Re: Re.: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Hi Julian, You don't need microscopic chips or highly engineered devices to implement a working BadUSB attack. Nothing looks more as a Dell mouse than another Dell mouse, and a malicious mouse offers plenty of space to store all the chips you may want. USB sticks are also still widely found

Re: Re.: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

On Wed, 20 Sep 2017 22:18:02 +0200 Hans Petter Selasky wrote: > On 09/20/17 20:06, Julian H. Stacey wrote: > > A tiny diff to make it easier to grep sysctl descriptions: > > http://www.berklix.com/~jhs/src/bsd/fixes/FreeBSD/src/gen/sys/dev/usb/usb_hub.c.REL=12.0-CURRENT.diff > > Hi, > > Pleas

Re: Re.: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

On 09/20/17 20:06, Julian H. Stacey wrote: A tiny diff to make it easier to grep sysctl descriptions: http://www.berklix.com/~jhs/src/bsd/fixes/FreeBSD/src/gen/sys/dev/usb/usb_hub.c.REL=12.0-CURRENT.diff Hi, Please wrap the long string in multiple pieces before committing it. Looks g

Re.: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Hi usb@ & security@ freebsd.org, hps@ (cc'd) introduced a FreeBSD Sysctl Oct 2014: hw.usb.disable_enumeration: 0 dev.uhub.4.disable_enumeration: 0 dev.uhub.3.disable_enumeration: 0 dev.uhub.2.disable_enumeration: 0 dev.uhub.1.disable_enumeration: 0 de

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

On 10/22/14 03:09, Dewayne Geraghty wrote: Hans, Thank-you for these enhancements, as its good to have something in the armoury to try to address this issue. I applied the patch https://lists.freebsd.org/pipermail/svn-src-head/2014-October/063443.html to an updated 10.Stable overnight. Disabli

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

On 10/10/2014 1:44 AM, Hans Petter Selasky wrote: > On 10/09/14 15:59, Oliver Pinter wrote: >> On 10/9/14, Hans Petter Selasky wrote: >>> Hi Julian, >>> >>> On 10/09/14 01:46, Julian H. Stacey wrote: Hi Hans etc "Julian H. Stacey" wrote: > Hans Petter Selasky wrote: >> Hi, >

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

On 10/9/14, Hans Petter Selasky wrote: > On 10/09/14 15:59, Oliver Pinter wrote: >> On 10/9/14, Hans Petter Selasky wrote: >>> Hi Julian, >>> >>> On 10/09/14 01:46, Julian H. Stacey wrote: Hi Hans etc "Julian H. Stacey" wrote: > Hans Petter Selasky wrote: >> Hi, >> >> Ca

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

On 10/09/14 15:59, Oliver Pinter wrote: On 10/9/14, Hans Petter Selasky wrote: Hi Julian, On 10/09/14 01:46, Julian H. Stacey wrote: Hi Hans etc "Julian H. Stacey" wrote: Hans Petter Selasky wrote: Hi, Can you test the following kernel patch and give some feedback: https://svnweb.freebsd.

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

> BTW: I've added some exceptions, that existing devices can be detached, > suspend/resumed and reset while the enumeration is disabled. > > https://svnweb.freebsd.org/changeset/base/272807 > Can you also test that patch? OK, will do. (I've got a cold so I'm slow & making mistakes, sorry). I

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Hi, Reference: > From: Oliver Pinter > Date: Thu, 9 Oct 2014 15:59:28 +0200 Oliver Pinter wrote: > On 10/9/14, Hans Petter Selasky wrote: > > Hi Julian, > > > > On 10/09/14 01:46, Julian H. Stacey wrote: > >> Hi Hans etc > >> "Julian H. Stacey" wrote: > >>> Hans Petter Selasky wr

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

On 10/9/14, Hans Petter Selasky wrote: > Hi Julian, > > On 10/09/14 01:46, Julian H. Stacey wrote: >> Hi Hans etc >> "Julian H. Stacey" wrote: >>> Hans Petter Selasky wrote: Hi, Can you test the following kernel patch and give some feedback: https://svnweb.freebsd.org/chan

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Hi Julian, On 10/09/14 01:46, Julian H. Stacey wrote: Hi Hans etc "Julian H. Stacey" wrote: Hans Petter Selasky wrote: Hi, Can you test the following kernel patch and give some feedback: https://svnweb.freebsd.org/changeset/base/272733 I'm now on latest current with src & sys/ GENERIC /usr

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Hi Hans etc "Julian H. Stacey" wrote: > Hans Petter Selasky wrote: > > Hi, > > > > Can you test the following kernel patch and give some feedback: > > > > https://svnweb.freebsd.org/changeset/base/272733 I'm now on latest current with src & sys/ GENERIC /usr/src/.ctm_status# src-cur 11645

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Hans Petter Selasky wrote: > Hi, > > Can you test the following kernel patch and give some feedback: > > https://svnweb.freebsd.org/changeset/base/272733 > > After the patch you will get something like: > > hw.usb.disable_enumeration: 0 > dev.uhub.0.disable_enumeration: 0 > dev.uhub.1.disable_e

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Hi, Can you test the following kernel patch and give some feedback: https://svnweb.freebsd.org/changeset/base/272733 After the patch you will get something like: hw.usb.disable_enumeration: 0 dev.uhub.0.disable_enumeration: 0 dev.uhub.1.disable_enumeration: 0 ... which is also settable throug

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Hi Hans Petter Selasky wrote: > On 10/06/14 22:30, Poul-Henning Kamp wrote: > > > > In message <201410061956.s96ju8s3089...@fire.js.berklix.net>, "Julian H. > > Stacey > > " writes: > > > >> For FreeBSD, > >> I guess for serious security, every new device that is connected > >> & reco

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

On 10/06/14 22:30, Poul-Henning Kamp wrote: In message <201410061956.s96ju8s3089...@fire.js.berklix.net>, "Julian H. Stacey " writes: For FreeBSD, I guess for serious security, every new device that is connected & recognised by /sbin/devd should in future be personaly authorised

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

In message <201410061956.s96ju8s3089...@fire.js.berklix.net>, "Julian H. Stacey " writes: >For FreeBSD, > I guess for serious security, every new device that is connected > & recognised by /sbin/devd should in future be personaly authorised > by a human ! One can no longer trust what

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

> one device, then pause & masquerade another device type. This is > an OS independent security list. . Oops typed too fast. Swap /list/liability/ Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous wit

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

fwd to HardenedBSD Developers On 10/6/14, Julian H. Stacey wrote: > Hi freebsd-usb@freebsd.org, (I suggest replies to usb@) > cc: freebsd-secur...@freebsd.org FYI > > Ref. article on BadUSB pan OS (non FreeBSD specific) security loophole > http://www.bbc.com/news/technology-2

BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Hi freebsd-usb@freebsd.org, (I suggest replies to usb@) cc: freebsd-secur...@freebsd.orgFYI Ref. article on BadUSB pan OS (non FreeBSD specific) security loophole http://www.bbc.com/news/technology-29475566 Dated 6 October 2014 Last updated at 15:29 GMT I found https