OK, so how about using PIO purely..?
A device which can do PIO and PIO only.
Would this then be more secure..? Or would the attack just be carried out by
the CPU rather than RAM..?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe
On 10/08/2016 07:05 PM, Ilpo Järvinen wrote:
> On Sat, 8 Oct 2016, neilhard...@gmail.com wrote:
>
>> DMA allows network card to read/write RAM.
>>
>> DMA attack allows one already-compromised VM to read the RAM of another
>> VM, thus breaching Qubes isolation... unless you use VT-D, although
>> f
On Sat, 8 Oct 2016, neilhard...@gmail.com wrote:
> DMA allows network card to read/write RAM.
>
> DMA attack allows one already-compromised VM to read the RAM of another
> VM, thus breaching Qubes isolation... unless you use VT-D, although
> flaws in VT-D have been shown.
>
> Remote DMA attack
DMA allows network card to read/write RAM.
DMA attack allows one already-compromised VM to read the RAM of another VM,
thus breaching Qubes isolation... unless you use VT-D, although flaws in VT-D
have been shown.
Remote DMA attack allows packets sent to the network card directly over the
web,
On 10/08/2016 04:36 PM, neilhard...@gmail.com wrote:
> I've been going through some of the networking modules on my Qubes system.
> [...]
>
Let's start from the beginning.
Can you explain to us how a DMA attack works?
--
Rudd-O
http://rudd-o.com/
--
You received this message because y
I've been going through some of the networking modules on my Qubes system.
Some of them would indicate that DMA can be switched off entirely, and PIO used
instead.
For example:
b43.ko
modinfo -F parm
/lib/modules/4.4.14-11.pvops.qubes.x86_64/kernel/drivers/net/wireless/b43/b43.ko
pio:Use PIO
On 10/08/2016 04:06 PM, neilhard...@gmail.com wrote:
> This paper suggests it is definitely possible to attack a network card
> remotely
>
> This is written by the French intelligence agency, "ANSSI - French Network
> and Information Security Agency"
>
> http://www.ssi.gouv.fr/uploads/IMG/pdf/pap
This paper suggests it is definitely possible to attack a network card remotely
This is written by the French intelligence agency, "ANSSI - French Network and
Information Security Agency"
http://www.ssi.gouv.fr/uploads/IMG/pdf/paper.pdf
"
In [8], we demonstrated how it is possible for an attac
On 10/07/2016 11:25 PM, neilhard...@gmail.com wrote:
> OK. This is getting confusing.
>
> So you are now saying that you can't do a DMA attack over the web..?
>
> If I had one computer connected to another via Ethernet crossover, could one
> computer infect the other via DMA by sending the DMA att
OK, so we've gone from not do-able remotely, to "may or may not be possible",
and "this is hard"
Are there any proven such attacks on Ethernet? Any proof of concepts?
Also, would USB Ethernet make this attack any easier..? Something like a USB
Ethernet dongle?
http://i.imgur.com/l5ntqFe.jpg
--
OK, so we've gone from not do-able remotely, to "may or may not be possible",
and "this is hard"
Are there any proven such attacks on Ethernet? Any proof of concepts?
Also, would USB Ethernet make this attack any easier..? Something like a USB
Ethernet dongle?
http://i.imgur.com/l5ntqFe.jpg
-
OK. This is getting confusing.
So you are now saying that you can't do a DMA attack over the web..?
If I had one computer connected to another via Ethernet crossover, could one
computer infect the other via DMA by sending the DMA attack over the crossover
cable..?
Or can a computer only launch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Fri, Oct 07, 2016 at 01:31:56PM -0700, neilhard...@gmail.com wrote:
> Another question...
>
> Are DMA attacks on Ethernet are even plausible?
>
> WiFi seems much more vulnerable than Ethernet, due to more complexity.
I think there is misund
Another question...
Are DMA attacks on Ethernet are even plausible?
WiFi seems much more vulnerable than Ethernet, due to more complexity.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving ema
"
The original cards, the NE1000 (8-bit ISA; announced as "E-Net adapter" in
February 1987 for 495 USD) and NE2000 (16-bit ISA), and the corresponding use
of limited 8-bit and later 16-bit DMA in the NE2000
"
That seems to say that DMA is in fact used in the NE2000.
By the way, will these cards
Am 07.10.2016 um 20:40 schrieb neilhard...@gmail.com:
> On Friday, 7 October 2016 19:37:50 UTC+1, Achim Patzner wrote:
>> I think I’ve still got a bunch of NE2000 and early RealTekNICs somewhere in
>> the cellar – how much do you want to offer?
>
> Are you saying that these devices are non-DMA…
On Friday, 7 October 2016 19:37:50 UTC+1, Achim Patzner wrote:
> I think I’ve still got a bunch of NE2000 and early RealTekNICs somewhere in
> the cellar – how much do you want to offer?
Are you saying that these devices are non-DMA...?
--
You received this message because you are subscribed t
Am 07.10.2016 um 16:57 schrieb neilhard...@gmail.com:
>
> Presumably through the CPU.
I think I’ve still got a bunch of NE2000 and early RealTekNICs somewhere in the
cellar – how much do you want to offer?
> So I see no reason you couldn’t get Ethernet + WiFi chips without DMA.
I do; those doi
Qubes uses VT-D and a Net VM to attempt to isolate buggy WiFi adapters from the
rest of the Qubes system.
But this isolation still depends on Xen not having bugs... And we know that Xen
has bugs, and will likely continue to have more going forward.
So, instead of VT-D, why not just switch off D
19 matches
Mail list logo