tag:blogger.com,1999:blog-24586388.post8736093765434856111..comments2023-11-24T09:52:43.963+01:00Comments on The Invisible Things Lab's blog: USB Security ChallengesJoanna Rutkowskahttp://www.blogger.com/profile/07657268181166351141noreply@blogger.comBlogger8125tag:blogger.com,1999:blog-24586388.post-81321945817633643092011-06-16T01:53:13.062+02:002011-06-16T01:53:13.062+02:00Props to Joanna for what's probably the most c...Props to Joanna for what's probably the most comprehensive post on USB security issues to date! I agree that the original problem was with the hardware manufacturers. I've speculated that it arises from the differentiators: a certain minimal set of security features has been a competitive differentiator for OS vendors, but hardware vendors mainly compete on performance and cost. For performance reasons, they've always leaned more toward sharing and "allow-all" designs than mediation of access.<br /><br />You're team has some nice ideas. I look forward to seeing what you guys decide on.<br /><br />Nick PAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-24586388.post-64354933187750292692011-06-09T13:51:00.381+02:002011-06-09T13:51:00.381+02:00@nicolas: I still do not understand your comment o...@nicolas: I still do not understand your comment on keeping insecure devices on bluetooth. You provided a link to a bluetooth device that does not connect to a USB port but what kind of a point did you want to make with that? Because it does not connect to a USB port it is more secure?lyecdevfhttps://www.blogger.com/profile/16362429140424153045noreply@blogger.comtag:blogger.com,1999:blog-24586388.post-14227022069147083572011-06-02T01:00:55.479+02:002011-06-02T01:00:55.479+02:00@Harry: correct USB devices cannot write/read syst...@Harry: correct USB devices cannot write/read system memory by themselves. USB controller, however, is a PCIe device and can generate DMA transactions. So, a USB device that could compromise the USB controller _somehow_ would be able to write to system memory.Joanna Rutkowskahttps://www.blogger.com/profile/07657268181166351141noreply@blogger.comtag:blogger.com,1999:blog-24586388.post-44362542491116886402011-06-02T00:13:27.633+02:002011-06-02T00:13:27.633+02:00Joanna, can you confirm that devices connected to ...Joanna, can you confirm that devices connected to USB ports cannot directly attack the hardware (bus mastering, etc.) in the way that Firewire devices can?Harryhttps://www.blogger.com/profile/05164118770972076651noreply@blogger.comtag:blogger.com,1999:blog-24586388.post-44987217782336263972011-06-01T20:13:38.614+02:002011-06-01T20:13:38.614+02:00@Joanna: indeed, some bluetooth controllers are in...@Joanna: indeed, some bluetooth controllers are indeed USB. Maybe I should have been clearer.<br />You can get bluetooth controllers for the PC Card slot in case your onboard is implemented using USB. (For ex: http://www.amazon.com/Bluetooth-V2-0-Pc-Card-Class/dp/B000FRV0NO)nicolashttps://www.blogger.com/profile/15278882502765627682noreply@blogger.comtag:blogger.com,1999:blog-24586388.post-37632863108145991622011-06-01T10:51:48.893+02:002011-06-01T10:51:48.893+02:00USB stack attack was what was initially used to ex...USB stack attack was what was initially used to exploit PS3 - by combination of emulating multiple devices and sending incorrect (too long) USB descriptors they managed to overflow parts of USB stack and run some payload. So this approach is something already having PoC ;-)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-24586388.post-59695474007901049262011-06-01T09:55:59.321+02:002011-06-01T09:55:59.321+02:00@nicolas: Bluetooth controller is just a... USB de...@nicolas: Bluetooth controller is just a... USB device.Joanna Rutkowskahttps://www.blogger.com/profile/07657268181166351141noreply@blogger.comtag:blogger.com,1999:blog-24586388.post-44659063032315440682011-06-01T04:39:17.301+02:002011-06-01T04:39:17.301+02:00Would bluetooth not be a better choice for secure ...Would bluetooth not be a better choice for secure connectivity? It is present on many laptops these days. This way, you can keep "unsecure" devices on USB and secure devices on bluetooth.<br /><br />Nicolas Wagreznicolashttps://www.blogger.com/profile/15278882502765627682noreply@blogger.com