On Mar 13, 2017 10:39 AM, "Lennart Sorensen via talk" <[email protected]> wrote:
On Mon, Mar 13, 2017 at 10:33:10AM -0400, Lennart Sorensen via talk wrote: > On Mon, Mar 13, 2017 at 10:27:35AM -0400, Lennart Sorensen via talk wrote: > > On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote: > > > Another DEFCON talk. This is a hardware attack on M$, OSX & Linux, PCIleech > > > = 150mbs over usb3. > > > > > > https://www.youtube.com/watch?v=fXthwl6ShOg&list= PL9fPq3eQfaaAvXV3hJc4yHuNxoviVckoE&index=15#t=2508.995164 > > > > Well first you have to install your PCIe card in the target machine, > > which means you would have to shut it down first, which could make > > booting it again difficult. > > > > I thought initially they found a flaw in USB3, but no that is not > > the case. > > > > So it doesn't do anything we didn't already have a problem with in > > firewire years ago. So yes if you get to put your own PCIe hardware in > > a machine, you can DMA memory. And it's a bit faster than a firewire > > card was. > > > > The firewire and thunderbolt issues in the past seem much more of a > > concern than this because they were hardware already present in the > > target machine. This is pretty much just irrelevant. > > The exploit method is interesting (although nothing new), but the access > method is not. OK, I am wrong. The fact he has an expressscard, not just PCIe makes it very interesting since that is hot pluggable from outside the machine. Now I am impressed. I was impressed too, thats why I posted the link. -- Len Sorensen --- Talk Mailing List [email protected] https://gtalug.org/mailman/listinfo/talk
--- Talk Mailing List [email protected] https://gtalug.org/mailman/listinfo/talk
