intrigeri: > Hi Jake, > > Jacob wrote (late 2011): >>> Disable all firewire kernel modules. This will help fight against >>> forensics programs that will attempt to suck out memory with the >>> internal firewire or a cardbus/pcmcia card. > > And [email protected] replied (05 Jan 2012 23:54:40 GMT) : >> Recent Linux kernels shipped by Debian use filtered physical DMA; >> unfiltered physical DMA seems to be disabled >> (CONFIG_FIREWIRE_OHCI_REMOTE_DMA is not set). Do you know which class >> of attacks is still practicaly doable on such a system? > > We are still very interested in your answer to this question :) > Thanks a lot in advance! >
I'm not sure, so I'd still disable it until you have a forensics toolkit or three that fails to work. > (Reference: https://tails.boum.org/todo/disable_firewire__63__/) Also, what about pcmcia/pccard/express card? All the best, Jake _______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
