Re: Re.: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2017-09-21 Thread Julian H. Stacey
Hi all Hans Petter Selasky wrote: > On 09/20/17 20:06, Julian H. Stacey wrote: > > A tiny diff to make it easier to grep sysctl descriptions: > > > > http://www.berklix.com/~jhs/src/bsd/fixes/FreeBSD/src/gen/sys/dev/usb/usb_hub.c.REL=12.0-CURRENT.diff > > Hi, > > Please wrap the long string

Re: Re.: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2017-09-21 Thread WhiteWinterWolf (Simon)
Hi Julian, You don't need microscopic chips or highly engineered devices to implement a working BadUSB attack. Nothing looks more as a Dell mouse than another Dell mouse, and a malicious mouse offers plenty of space to store all the chips you may want. USB sticks are also still widely found

Re: Re.: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2017-09-21 Thread Gary Jennejohn
On Wed, 20 Sep 2017 22:18:02 +0200 Hans Petter Selasky wrote: > On 09/20/17 20:06, Julian H. Stacey wrote: > > A tiny diff to make it easier to grep sysctl descriptions: > > http://www.berklix.com/~jhs/src/bsd/fixes/FreeBSD/src/gen/sys/dev/usb/usb_hub.c.REL=12.0-CURRENT.diff

Re: Re.: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2017-09-20 Thread Hans Petter Selasky
On 09/20/17 20:06, Julian H. Stacey wrote: A tiny diff to make it easier to grep sysctl descriptions: http://www.berklix.com/~jhs/src/bsd/fixes/FreeBSD/src/gen/sys/dev/usb/usb_hub.c.REL=12.0-CURRENT.diff Hi, Please wrap the long string in multiple pieces before committing it. Looks

Re.: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2017-09-20 Thread Julian H. Stacey
Hi usb@ & security@ freebsd.org, hps@ (cc'd) introduced a FreeBSD Sysctl Oct 2014: hw.usb.disable_enumeration: 0 dev.uhub.4.disable_enumeration: 0 dev.uhub.3.disable_enumeration: 0 dev.uhub.2.disable_enumeration: 0 dev.uhub.1.disable_enumeration: 0

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2014-10-22 Thread Hans Petter Selasky
On 10/22/14 03:09, Dewayne Geraghty wrote: Hans, Thank-you for these enhancements, as its good to have something in the armoury to try to address this issue. I applied the patch https://lists.freebsd.org/pipermail/svn-src-head/2014-October/063443.html to an updated 10.Stable overnight.

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2014-10-21 Thread Dewayne Geraghty
On 10/10/2014 1:44 AM, Hans Petter Selasky wrote: On 10/09/14 15:59, Oliver Pinter wrote: On 10/9/14, Hans Petter Selasky h...@selasky.org wrote: Hi Julian, On 10/09/14 01:46, Julian H. Stacey wrote: Hi Hans etc Julian H. Stacey wrote: Hans Petter Selasky wrote: Hi, Can you test the

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2014-10-08 Thread Hans Petter Selasky
Hi, Can you test the following kernel patch and give some feedback: https://svnweb.freebsd.org/changeset/base/272733 After the patch you will get something like: hw.usb.disable_enumeration: 0 dev.uhub.0.disable_enumeration: 0 dev.uhub.1.disable_enumeration: 0 ... which is also settable

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2014-10-08 Thread Julian H. Stacey
Hi Hans etc Julian H. Stacey wrote: Hans Petter Selasky wrote: Hi, Can you test the following kernel patch and give some feedback: https://svnweb.freebsd.org/changeset/base/272733 I'm now on latest current with src sys/ GENERIC /usr/src/.ctm_status# src-cur 11645 This time I

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2014-10-07 Thread Julian H. Stacey
Hi Hans Petter Selasky wrote: On 10/06/14 22:30, Poul-Henning Kamp wrote: In message 201410061956.s96ju8s3089...@fire.js.berklix.net, Julian H. Stacey writes: For FreeBSD, I guess for serious security, every new device that is connected recognised by /sbin/devd

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2014-10-06 Thread Oliver Pinter
fwd to HardenedBSD Developers On 10/6/14, Julian H. Stacey j...@berklix.com wrote: Hi freebsd-usb@freebsd.org, (I suggest replies to usb@) cc: freebsd-secur...@freebsd.org FYI Ref. article on BadUSB pan OS (non FreeBSD specific) security loophole

Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

2014-10-06 Thread Hans Petter Selasky
On 10/06/14 22:30, Poul-Henning Kamp wrote: In message 201410061956.s96ju8s3089...@fire.js.berklix.net, Julian H. Stacey writes: For FreeBSD, I guess for serious security, every new device that is connected recognised by /sbin/devd should in future be personaly authorised by a