On Sul, 2005-01-23 at 05:43, Greg KH wrote:
> But as you already have physical access to the machine, it's quite easy
> to comprimise it in other ways, so "hostile" USB devices aren't really a
> pressing issue.
This is becoming the most worn out security myth on the planet.
Physical access in man
On Sun, Jan 23, 2005 at 10:41:13AM -0800, David Brownell wrote:
> On Saturday 22 January 2005 9:43 pm, Greg KH wrote:
> > On Sat, Jan 22, 2005 at 09:36:28PM +, Lilliput wrote:
> > > Then my second question was about the USB stack integrity (no specific
> > > to a linux platform) Do you think th
On Sunday 23 January 2005 8:42 am, Mark Williamson wrote:
>
> If USB peripherals could have arbitrary access to host memory by misbehaving
> then this would be a serious worry, security-wise. This is not the case for
> any HC I'm aware of.
That is, from the threat analysis perspective any USB
On Saturday 22 January 2005 5:33 pm, Mark Williamson wrote:
> > Then my second question was about the USB stack integrity (no specific
> > to a linux platform) Do you think that devices could create an overflow
> > in order to take control/install a software in the computer ?
>
> In terms of DMAin
On Saturday 22 January 2005 9:43 pm, Greg KH wrote:
> On Sat, Jan 22, 2005 at 09:36:28PM +, Lilliput wrote:
> > Then my second question was about the USB stack integrity (no specific
> > to a linux platform) Do you think that devices could create an overflow
> > in order to take control/install
> There's nothing unique about USB in this respect. Every device driver in
> the kernel is potentially subject to such an attack. Do you have any
> reason to think that USB might be especially vulnerable?
Just speculating here, since I don't know what Fabien was originally thinking
about: in sh
On Sat, 22 Jan 2005, Lilliput wrote:
> Hello all ;)
>
> I writing a research paper for the University of Bradford (UK).
> I'm looking for some security issue, through different type of
> communication in the USB protocoles.
>
> The first one is USB sniffing; software and hardware.
> * s
On Sat, Jan 22, 2005 at 09:36:28PM +, Lilliput wrote:
> Then my second question was about the USB stack integrity (no specific
> to a linux platform) Do you think that devices could create an overflow
> in order to take control/install a software in the computer ?
Yes, this could easily happe
> Then my second question was about the USB stack integrity (no specific
> to a linux platform) Do you think that devices could create an overflow
> in order to take control/install a software in the computer ?
In terms of DMAing to buffers, the only device you have to trust to play nice
is your
