Date: Tue, 20 Jun 2017 09:33:38 -0500 (CDT) From: "Valeri Galtsev" <galtsev@kicp.uchicago.edu> To: "Matthew Seaman" <matthew@FreeBSD.org> Cc: freebsd-questions@freebsd.org Subject: Re: Fwd: [cros-discuss] Hacking possibility? Real or not? Message-ID: <59477.128.135.52.6.1497969218.squirrel@cosmo.uchicago.edu> In-Reply-To: <9aba32b6-f960-beb4-94bf-b8b3b780ef69@FreeBSD.org> References: <20170620092309.GA3634@c720-r314251> <9aba32b6-f960-beb4-94bf-b8b3b780ef69@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, June 20, 2017 5:38 am, Matthew Seaman wrote: > On 2017/06/20 10:23, Matthias Apitz wrote: >> In the mailing-list about Chromium OS is some interesting discussion >> about some attack vector using an USB plug-in with some Raspery system >> behind to offer to the OS an USB keyboard and ethernet and at the end >> take over the system. More of the discussion here >> >> https://groups.google.com/a/chromium.org/forum/?hl=en#!topic/chromium-os-discuss/UqbGh2kHaVw >> >> and the full technical description here: >> >> https://samy.pl/poisontap/ >> >> As far as I can see, the same attack would be possible as well on >> FreeBSD, maybe not so easy because the devd(8) must be configured and >> the module for ethernet on USB cdce(4) must be loaded in advance. >> > > Isn't this yet another manifestation of physical access to the hardware > being almost impossible to secure against? Don't plug in any strange > USB devices kids, and don't let your portable kit out of your control so > that other people could take liberties with your USB ports either. As they said in system security manual some 30 years ago: the first step in securing machine is physical security of your box ;-) Valeri > > Cheers, > > Matthew > > > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?59477.128.135.52.6.1497969218.squirrel>