著者: Ague Mill 日付: To: The Tails public development discussion list 題目: Re: [Tails-dev] Tails: pcmcia / firewire / etc.
On Wed, Sep 26, 2012 at 07:44:34PM +0200, alan@??? wrote: > Issue: 32bit PCMCIA gets DMA. It is thus usable by an adversary for
> external bus memory forensics on a running Tails.
>
> Question: we now have to discuss what usability vs.
> security balance we want.
>
> Ideas:
>
> * If a firewire card was inserted into the slot and the bus is active,
> pop up a dialog and ask "hey, you want to use firewire/etc.?"
I don't know how this would be possible without serious kernel hacking.
> * disable these buses by default, allow opt-in through tails-greeter
> to enable
> * ask that users assert they want to use this or that bus, and make
> the assertion bind to a single device, rather than all devices
> blindly
> * de-activate PCMCIA and ExpressCard on systems that don't have any
> PCMCIA or ExpressCard devices after running for 5 minutes. This is
> going to byte some users, but probably only the first time.