Date: Tue, 20 Jun 2017 11:15:58 -0400 From: "James B. Byrne" <byrnejb@harte-lyne.ca> To: freebsd-questions@freebsd.org Subject: Re: Fwd: [cros-discuss] Hacking possibility? Real or not? Message-ID: <c53a73b8e0421f6bf146fda28ececec5.squirrel@webmail.harte-lyne.ca> In-Reply-To: <mailman.106.1497960002.37616.freebsd-questions@freebsd.org> References: <mailman.106.1497960002.37616.freebsd-questions@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, June 20, 2017 06:38, Matthew Seaman wrote: > On 2017/06/20 10:23, Matthias Apitz wrote: >> In the mailing-list about Chromium OS is some interesting discussion >> about some attack vector using an USB plug-in with some Raspery >> system behind to offer to the OS an USB keyboard and ethernet and >> at the end take over the system. More of the discussion here >> >> https://groups.google.com/a/chromium.org/forum/?hl=en#!topic/chromium-os-discuss/UqbGh2kHaVw >> >> and the full technical description here: >> >> https://samy.pl/poisontap/ >> >> As far as I can see, the same attack would be possible as well on >> FreeBSD, maybe not so easy because the devd(8) must be configured >> and the module for ethernet on USB cdce(4) must be loaded in advance. >> > > Isn't this yet another manifestation of physical access to the > hardware being almost impossible to secure against? Don't plug > in any strange USB devices kids, and don't let your portable kit > out of your control so that other people could take liberties > with your USB ports either. Every USB device contains a controller which itself operates on the basis of flash-able microcode. Few such controllers have any safeguards against being reprogrammed. Consequently, any physical access to any USB port on a host allows an attacker to permanently corrupt and infect the USB device controller(s) on a target system. As such malware likely contains code to prohibit further reprogramming the infection is permanent and removal of the affected hardware is the only remedy. On most modern computers this requires discarding the motherboard. This issue was demonstrated at BlackHat-2014. To the best of my knowledge, few if any USB device manufacturers provide hardened controllers. IronKey is the only external flash memory device that I know of which claims to. But I have seen nothing respecting host based controllers. -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Do NOT open attachments nor follow links sent by e-Mail James B. Byrne mailto:ByrneJB@Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c53a73b8e0421f6bf146fda28ececec5.squirrel>