Hi,
We didn't reach a conclusion on this topic. The page on pcmcia is still
tagged "discuss".
Issue: 32bit PCMCIA gets DMA. It is thus usable by an adversary for
external bus memory forensics on a running Tails.
Question: we now have to discuss what usability vs.
security balance we want.
Ideas:
* If a firewire card was inserted into the slot and the bus is active,
pop up a dialog and ask "hey, you want to use firewire/etc.?"
* disable these buses by default, allow opt-in through tails-greeter
to enable
* ask that users assert they want to use this or that bus, and make
the assertion bind to a single device, rather than all devices
blindly
* de-activate PCMCIA and ExpressCard on systems that don't have any
PCMCIA or ExpressCard devices after running for 5 minutes. This is
going to byte some users, but probably only the first time.
This is related to [[
https://tails.boum.org/todo/disable_expresscard__36__]]
Please give your thoughts.
Cheers
--
