On Sat, Oct 13, 2012 at 1:30 AM, Jacob Appelbaum <jacob@???> wrote:
> I would add Thunderbolt to the list as well:
> http://www.breaknenter.org/2012/02/adventures-with-daisy-in-thunderbolt-dma-land-hacking-macs-through-the-thunderbolt-interface/
As far as I can see, all these attacks (PCMCIA, ExpressCard,
Thunderbolt) rely on attaching to a FireWire interface one way or
another, and then accessing arbitrary memory via DMA. But such ability
is (or can be) disabled by default in the newer firewire-ohci module,
as described in "debugging-via-ohci1394.txt", and even discussed on
the relevant Tails TODO page. So why disable the interfaces? Looks
like an overkill to me.
--
Maxim Kammerer
Liberté Linux:
http://dee.su/liberte