[GTALUG] Fwd: Re: DMA kernel attacks

2017-03-17 Thread Russell Reiter via talk 
I sent this forwarded msg to you only Lennart, its not in the archive.

I was trying to be nice to you, yet you are as always, since you first
joined this list, so very nasty to me.

Read what you previously posted about how its the videos fault for starting
near the end that you didnt understand what it was about.

Thats a pretty lame thing to say. Its even lamer than pretending you get
something you dont really get.

Three posts in a row, your comments on this thread. Two of them responded
to where I had sent private messages like the one below and you sent your
reasoning to the list.

Thats a particular kind of nasty that you exhibit towards me for whatever
disfunctional reason that motivates you.

I dont have to prove anything from the archives in order to show anyone
else on the list just how disfunctional you are.

You do it every time you say something stupid with the intent to show how
smart you are.

-- Forwarded message --
From: "Russell Reiter" 
Date: Mar 13, 2017 10:50 AM
Subject: Re: [GTALUG] DMA kernel attacks
To: "Lennart Sorensen" 
Cc:



On Mar 13, 2017 10:27 AM, "Lennart Sorensen" 
wrote:

On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
> Another DEFCON talk. This is a hardware attack on M$, OSX & Linux,
PCIleech
> = 150mbs over usb3.
>
> https://www.youtube.com/watch?v=fXthwl6ShOg=PL9fPq3eQfa
aAvXV3hJc4yHuNxoviVckoE=15#t=2508.995164

Well first you have to install your PCIe card in the target machine,
which means you would have to shut it down first, which could make
booting it again difficult.


Ummm ... PCIe is hot plugable with the right software.


I thought initially they found a flaw in USB3, but no that is not
the case.

So it doesn't do anything we didn't already have a problem with in
firewire years ago.  So yes if you get to put your own PCIe hardware in
a machine, you can DMA memory.  And it's a bit faster than a firewire
card was.

The firewire and thunderbolt issues in the past seem much more of a
concern than this because they were hardware already present in the
target machine.  This is pretty much just irrelevant.


Maybe to you. I dont consider increase of transfer rate from 3mbs to 150mbs
irrelevant by any means.

Just because I highlight one bit of information which I gleaned from a
source and wanted to share, as a matter of general interest; this doesent
mean I didn't want you to learn from the post.

I did it because I do want you to learn from it. Like you just now learned
PCIe can be accessed without rebooting.


--
Len Sorensen
---
Talk Mailing List
talk@gtalug.org
https://gtalug.org/mailman/listinfo/talk

Re: [GTALUG] DMA kernel attacks

2017-03-17 Thread Jason Shaw via talk 
Can we keep personal opinions and insults off the list?

On Fri, Mar 17, 2017 at 3:28 PM, Russell Reiter via talk 
wrote:

> On Mar 17, 2017 3:11 PM, "Lennart Sorensen" 
> wrote:
>
> On Fri, Mar 17, 2017 at 02:53:03PM -0400, Russell Reiter wrote:
> > Ok to recap. You assumed you needed to turn off the computer to install
> > PCIe. You learned PCIe is hot pluggable. You assumed the card had to be
> > plugged into the target machine, you learned it did not.
>
> Well no.  I already knew PCIe could be hot plugable and also knew it
> usually is not.  expresscard on the other hand always is, I just forgot
> it existed and didn't think the device in question would work with that.
>
> Brain initially says: PCIe attack implies desktop which doesn't have
> hotplug implies this is irrelevant. :)
>
> > I was just pointing out why you made those false assumptions and then
> > wrongly designated the information as irrelevant.
> >
> > Its because I didn't explicitly describe what was so obvious in the
> video.
> >
> > I'd normally politely say my bad but in this case I think not.
>
> If I had watched the video from the start initially it might have helped.
> Unfortunately youtube helped and made the link you posted start at a
> few minutes from the end.  Youtube can be annoying at times.
>
> And yes the "over usb3" comment did give the wrong initial impression.
>
> In the end it does seem like a neat trick.
>
>
> Not as neat as your way of pissing me off by selectively editing and
> trying to look reasonable about it.
>
> Those three posts in a row make it look like you are having a nice
> reasoned conversation with yourself.
>
> However, it was me you were replying to and you snipped without form.
>
> Thats one of the oldest shitheel moves on usenet. You were probably still
> in short pants when I first noticed that some people do treat others
> contempt in that manner.
>
> Its nothing new and I wouldnt ask for you to be banned as an abuser but
> best if you just ignore my posts from now on.
>
> You will come across smarter than the past set of arguments with me have
> demonstrated.
>
> OK
>
>
> --
> Len Sorensen
>
>
>
> ---
> Talk Mailing List
> talk@gtalug.org
> https://gtalug.org/mailman/listinfo/talk
>
>
---
Talk Mailing List
talk@gtalug.org
https://gtalug.org/mailman/listinfo/talk

Re: [GTALUG] DMA kernel attacks

2017-03-17 Thread Russell Reiter via talk 
On Mar 17, 2017 3:11 PM, "Lennart Sorensen" 
wrote:

On Fri, Mar 17, 2017 at 02:53:03PM -0400, Russell Reiter wrote:
> Ok to recap. You assumed you needed to turn off the computer to install
> PCIe. You learned PCIe is hot pluggable. You assumed the card had to be
> plugged into the target machine, you learned it did not.

Well no.  I already knew PCIe could be hot plugable and also knew it
usually is not.  expresscard on the other hand always is, I just forgot
it existed and didn't think the device in question would work with that.

Brain initially says: PCIe attack implies desktop which doesn't have
hotplug implies this is irrelevant. :)

> I was just pointing out why you made those false assumptions and then
> wrongly designated the information as irrelevant.
>
> Its because I didn't explicitly describe what was so obvious in the video.
>
> I'd normally politely say my bad but in this case I think not.

If I had watched the video from the start initially it might have helped.
Unfortunately youtube helped and made the link you posted start at a
few minutes from the end.  Youtube can be annoying at times.

And yes the "over usb3" comment did give the wrong initial impression.

In the end it does seem like a neat trick.


Not as neat as your way of pissing me off by selectively editing and trying
to look reasonable about it.

Those three posts in a row make it look like you are having a nice reasoned
conversation with yourself.

However, it was me you were replying to and you snipped without form.

Thats one of the oldest shitheel moves on usenet. You were probably still
in short pants when I first noticed that some people do treat others
contempt in that manner.

Its nothing new and I wouldnt ask for you to be banned as an abuser but
best if you just ignore my posts from now on.

You will come across smarter than the past set of arguments with me have
demonstrated.

OK


--
Len Sorensen
---
Talk Mailing List
talk@gtalug.org
https://gtalug.org/mailman/listinfo/talk

Re: [GTALUG] DMA kernel attacks

2017-03-17 Thread Lennart Sorensen via talk 
On Fri, Mar 17, 2017 at 02:53:03PM -0400, Russell Reiter wrote:
> Ok to recap. You assumed you needed to turn off the computer to install
> PCIe. You learned PCIe is hot pluggable. You assumed the card had to be
> plugged into the target machine, you learned it did not.

Well no.  I already knew PCIe could be hot plugable and also knew it
usually is not.  expresscard on the other hand always is, I just forgot
it existed and didn't think the device in question would work with that.

Brain initially says: PCIe attack implies desktop which doesn't have
hotplug implies this is irrelevant. :)

> I was just pointing out why you made those false assumptions and then
> wrongly designated the information as irrelevant.
> 
> Its because I didn't explicitly describe what was so obvious in the video.
> 
> I'd normally politely say my bad but in this case I think not.

If I had watched the video from the start initially it might have helped.
Unfortunately youtube helped and made the link you posted start at a
few minutes from the end.  Youtube can be annoying at times.

And yes the "over usb3" comment did give the wrong initial impression.

In the end it does seem like a neat trick.

-- 
Len Sorensen
---
Talk Mailing List
talk@gtalug.org
https://gtalug.org/mailman/listinfo/talk

Re: [GTALUG] DMA kernel attacks

2017-03-17 Thread Lennart Sorensen via talk 
On Thu, Mar 16, 2017 at 04:41:36PM -0400, Russell Reiter via talk wrote:
> 
> Date: Mar 16, 2017 12:49 PM
> Subject: Re: [GTALUG] DMA kernel attacks
> To: "Lennart Sorensen"  
> On Mar 13, 2017 10:50 AM, "Russell Reiter"  wrote:
> 
> 
> 
> On Mar 13, 2017 10:27 AM, "Lennart Sorensen" 
> wrote:
> 
> On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
> > Another DEFCON talk. This is a hardware attack on M$, OSX & Linux,
> PCIleech
> > = 150mbs over usb3.
> 
> 
> Sorry, I wasn't clear here. The PCI card goes in the attacking machine. The
> steal is over USB. Two tries for the linux box.
> 
> >
> > https://www.youtube.com/watch?v=fXthwl6ShOg=PL9fPq3eQfa
> aAvXV3hJc4yHuNxoviVckoE=15#t=2508.995164
> 
> Well first you have to install your PCIe card in the target machine,
> which means you would have to shut it down first, which could make
> booting it again difficult.
> 
> 
> Ummm ... PCIe is hot plugable with the right software.
> 
> 
> I thought initially they found a flaw in USB3, but no that is not
> the case.
> 
> So it doesn't do anything we didn't already have a problem with in
> firewire years ago.  So yes if you get to put your own PCIe hardware in
> a machine, you can DMA memory.  And it's a bit faster than a firewire
> card was.
> 
> The firewire and thunderbolt issues in the past seem much more of a
> concern than this because they were hardware already present in the
> target machine.  This is pretty much just irrelevant.
> 
> 
> Maybe to you. I dont consider increase of transfer rate from 3mbs to 150mbs
> irrelevant by any means.
> 
> Just because I highlight one bit of information which I gleaned from a
> source and wanted to share, as a matter of general interest; this doesent
> mean I didn't want you to learn from the post.
> 
> I did it because I do want you to learn from it. Like you just now learned
> PCIe can be accessed without rebooting.
> 
> 
> Among other things.
> 
> 
> 
> 
> --
> Len Sorensen

I am afraid I can't figure out what the reply was or to what.

Even going through the hassle of trying to view the html version didn't
help much.

-- 
Len Sorensen
---
Talk Mailing List
talk@gtalug.org
https://gtalug.org/mailman/listinfo/talk