Re: [Tails-dev] Tails: pcmcia / firewire / etc.

Delete this message

Reply to this message
Author: Ague Mill
Date:  
To: The Tails public development discussion list
Old-Topics: Re: [Tails-dev] ***SPAM*** Re: Tails: pcmcia / firewire / etc.
Subject: Re: [Tails-dev] Tails: pcmcia / firewire / etc.
> >> Also, what about pcmcia/pccard/express card?
> >
> > Sorry, we still have not discussed what usability vs. security balance
> > we want in this area. For the record, these are tracked there:
> > https://tails.boum.org/todo/disable_expresscard__63__/
> > https://tails.boum.org/todo/disable_pcmcia__63__/
> >
>
> I'd still go for disabling those two unless there is actually a
> compelling reason to enable them. If there is such a reason, I'd ask
> that users assert it and that the assertion binds to a single device,
> rather than all devices blindly. These bus attacks are simply too
> powerful and too obscure for users to knowingly defend themselves.


Understood, but I have seen uses of Tails on laptops that had their
motherboard ethernet connector broken supplied by a PCMCIA network card.
It sounds like a reasonable expectation to me that it should "just
work".

A possible middle-ground could be to de-activate PCMCIA and ExpressCard
on systems that don't have any PCMCIA or ExpressCard devices after
running for 5 minutes. This is going to byte some users, but probably
only the first time.

--
Ague