Date: Wed, 17 Nov 2004 16:28:02 +0100 From: Borja Marcos <borjamar@sarenet.es> To: Julian Elischer <julian@elischer.org> Cc: freebsd-security@freebsd.org Subject: Re: FireWire Security issues Message-ID: <4511D7AF-38AD-11D9-872F-000393C94468@sarenet.es> In-Reply-To: <419AAEE3.9020900@elischer.org> References: <cndo0f$5bv$1@sea.gmane.org> <419AAEE3.9020900@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> yes we've been aware of this problem for a year or so :-) > I guess we need to get the filters done.. > We do of course use firewire for remote kernel debugging with great > success so we > need to be able to turn it off sometimes :-) Anyway, Firewire isn't Ethernet. A rogue device connected to an SCSI port (or an USB port) could sniff traffic sent to other devices, isn't it? It's a matter of how closely-coupled do you consider the interface; an Ethernet is more loosely coupled than a Firewire. You assume than an Ethernet may carry dangerous traffic, but, do you assume the same for a SCSI, a USB or a Firewire port, I mean, the kind of interface you use for hard disks, etc? BTW, provided that USB ports are connected in parallel... a rogue USB device could sniff a user's keyboard activity or even generate rogue keyboard activity, isn't it? Borja.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4511D7AF-38AD-11D9-872F-000393C94468>