Fwd: [cros-discuss] Hacking possibility? Real or not?
galtsev at kicp.uchicago.edu
Tue Jun 20 14:52:42 UTC 2017
On Tue, June 20, 2017 5:38 am, Matthew Seaman wrote:
> On 2017/06/20 10:23, Matthias Apitz wrote:
>> In the mailing-list about Chromium OS is some interesting discussion
>> about some attack vector using an USB plug-in with some Raspery system
>> behind to offer to the OS an USB keyboard and ethernet and at the end
>> take over the system. More of the discussion here
>> and the full technical description here:
>> As far as I can see, the same attack would be possible as well on
>> FreeBSD, maybe not so easy because the devd(8) must be configured and
>> the module for ethernet on USB cdce(4) must be loaded in advance.
> Isn't this yet another manifestation of physical access to the hardware
> being almost impossible to secure against? Don't plug in any strange
> USB devices kids, and don't let your portable kit out of your control so
> that other people could take liberties with your USB ports either.
As they said in system security manual some 30 years ago: the first step
in securing machine is physical security of your box ;-)
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
More information about the freebsd-questions