Fwd: [cros-discuss] Hacking possibility? Real or not?
Matthew Seaman
matthew at FreeBSD.org
Tue Jun 20 10:38:40 UTC 2017
On 2017/06/20 10:23, Matthias Apitz wrote:
> In the mailing-list about Chromium OS is some interesting discussion
> about some attack vector using an USB plug-in with some Raspery system
> behind to offer to the OS an USB keyboard and ethernet and at the end
> take over the system. More of the discussion here
>
> https://groups.google.com/a/chromium.org/forum/?hl=en#!topic/chromium-os-discuss/UqbGh2kHaVw
>
> and the full technical description here:
>
> https://samy.pl/poisontap/
>
> As far as I can see, the same attack would be possible as well on
> FreeBSD, maybe not so easy because the devd(8) must be configured and
> the module for ethernet on USB cdce(4) must be loaded in advance.
>
Isn't this yet another manifestation of physical access to the hardware
being almost impossible to secure against? Don't plug in any strange
USB devices kids, and don't let your portable kit out of your control so
that other people could take liberties with your USB ports either.
Cheers,
Matthew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 972 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20170620/93efaea7/attachment.sig>
More information about the freebsd-questions
mailing list