I think the kernel is working as expected. Debian and Ubuntu are both also
vulnerable by default, since FireWire modules are loaded automatically.
I can send some fix suggestions if you like.
On Oct 12, 2012 7:35 PM, "Maxim Kammerer" <mk@???> wrote:
> On Sat, Oct 13, 2012 at 3:15 AM, Steve Weis <steveweis@???> wrote:
> > Hi. I booted Tails' latest release and was able to scrape memory contents
> > via FireWire. All the necessary firewire modules are enabled by default
> and
> > Inception worked out of the box. This would let someone root a machine
> > through, say, a daisy chained thunderbolt monitor.
>
> Thanks for testing! Shouldn't such behavior be classified as a kernel
> bug? I can't find anything related on the kernel bugtracker.
>
> --
> Maxim Kammerer
> Liberté Linux: http://dee.su/liberte
>