On Wed, 22 Jul 2015 08:59:43 -0700 Apple Apple <[email protected]> wrote:
> On 22 Jul 2015 13:22, "Jacob Appelbaum" <[email protected]> wrote: > > DVD drives are programmable computers until we find evidence > > suggesting the opposite. > > And USB host controllers? DVD drives really are; see for example [1] for information about DVD-RW firmware modding and reflashing for NEC drives. Same as HDDs or SSDs. USB host controllers by themselves are not known to have any reprogrammable code, they are much simpler. If it's integrated into the motherboard, you will just need to ensure it uses a free BIOS such as Coreboot. However I have to wonder on what is your threat scenario that you cannot trust a random anonymously bought off-the-shelf DVD drive. If the bootable OS verifies signatures of files it loads from the disk, then it'd have to do a rather sophisticated and specifically targeted for that OS "evil maid" attack. [1] http://liggydee.cdfreaks.com/page/en/FAQ/ -- With respect, Roman
signature.asc
Description: PGP signature
-- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
