Date: Tue, 20 Jun 2017 11:38:30 +0100 From: Matthew Seaman <matthew@FreeBSD.org> To: freebsd-questions@freebsd.org Subject: Re: Fwd: [cros-discuss] Hacking possibility? Real or not? Message-ID: <9aba32b6-f960-beb4-94bf-b8b3b780ef69@FreeBSD.org> In-Reply-To: <20170620092309.GA3634@c720-r314251> References: <20170620092309.GA3634@c720-r314251>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --lgAq7nd8wOVTEHehNkJ9a16qsB8lpav1p Content-Type: multipart/mixed; boundary="AAC6Sxt1lkKAHqvHmLKBiu2hA8RAQCOiN"; protected-headers="v1" From: Matthew Seaman <matthew@FreeBSD.org> To: freebsd-questions@freebsd.org Message-ID: <9aba32b6-f960-beb4-94bf-b8b3b780ef69@FreeBSD.org> Subject: Re: Fwd: [cros-discuss] Hacking possibility? Real or not? References: <20170620092309.GA3634@c720-r314251> In-Reply-To: <20170620092309.GA3634@c720-r314251> --AAC6Sxt1lkKAHqvHmLKBiu2hA8RAQCOiN Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 2017/06/20 10:23, Matthias Apitz wrote: > In the mailing-list about Chromium OS is some interesting discussion > about some attack vector using an USB plug-in with some Raspery system > behind to offer to the OS an USB keyboard and ethernet and at the end > take over the system. More of the discussion here=20 >=20 > https://groups.google.com/a/chromium.org/forum/?hl=3Den#!topic/chromium= -os-discuss/UqbGh2kHaVw >=20 > and the full technical description here: >=20 > https://samy.pl/poisontap/ >=20 > As far as I can see, the same attack would be possible as well on > FreeBSD, maybe not so easy because the devd(8) must be configured and > the module for ethernet on USB cdce(4) must be loaded in advance. >=20 Isn't this yet another manifestation of physical access to the hardware being almost impossible to secure against? Don't plug in any strange USB devices kids, and don't let your portable kit out of your control so that other people could take liberties with your USB ports either. Cheers, Matthew --AAC6Sxt1lkKAHqvHmLKBiu2hA8RAQCOiN-- --lgAq7nd8wOVTEHehNkJ9a16qsB8lpav1p Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQJ8BAEBCgBmBQJZSPssXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxOUYxNTRFQ0JGMTEyRTUwNTQ0RTNGMzAw MDUxM0YxMEUwQTlFNEU3AAoJEABRPxDgqeTnpaMQAJTyxARfWxvNc2eputI91hEy S7vyqeizc5qpK7vd4kv2oOD5mT2b3CVSocgPwgc6bpO29qpE03HBQT/ozxAt67ZS 4lpvNk/IsNv+t0XBX8kl6g2jS7sSZ7Ojw5dvD+NqIo8j0bUeRAKYWKi/8euMm8wd d4UaOZMjDFxYOlqULdsXK7LyRBh6ZCQP4Gr1Q+8BCltrqc6OCloU0Cqsvft2BfzE P74LtcrunTCzoVy31TtY9dl2FGDabnyJs0OKhWAn9qAuS6HjXKLM4yYkIVlzcuUG dzqpehC7k5SbYXWNTwMc3UcN0F4SsbuafEZ+2gAtLruFTEuRQJ/8RB5wFre7PZUm WkC/i82cLfVcKcivadM08vEdApvEnHOvAfeiJp0dsiPgFksYD9FBO6O4lkKrwvrC FFgWnWLZaHQpaeAq3ppmonCtBIKN+rljL8Xe8ml0qzayw1KgVP2xq3hwzXQJOw9D KbrYmuKEzd2+jT6+kHgoghbT+dyPFhoKsQij6+rocAQYV5KkjHZLNsmIhSP55ZYo R971APLRdIjjdVcLS8OTXWShjHz+jH/s+Ifr4/7YGsYwZU2fR6MTBxGxiBZYTjg3 YD4WHsxBsKc9pwKipctImGUXrAbDg5kXh/pUV+DUwZFbXZ/daPbdFdSi7vl5a184 Jo6eIjn48fAv19aw+3oh =kzVJ -----END PGP SIGNATURE----- --lgAq7nd8wOVTEHehNkJ9a16qsB8lpav1p--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9aba32b6-f960-beb4-94bf-b8b3b780ef69>