[Gllug] emulating a pendrive
Nix
nix at esperi.org.uk
Tue Oct 13 21:13:57 UTC 2009
On 13 Oct 2009, Peter Corlett stated:
> Firewire is peer-to-peer, and allows anything to plug into anything
> else, software willing.
It also (like USB) allows anything to DMA to anything else, even if the
OS is *not* willing.
So, yes, customized USB keys can be an unblockable security hole. It's
so easy with firewire that debugging a machine after the OS has died
over a firewire connection has direct support in kgdb.
> USB has separate host and device, operated in a master-slave
> relationship. Hosts cannot directly talk to hosts, and devices cannot
> talk to devices.
But devices can DMA over your hosts' memory :)
> This is also why both ends of a Firewire cable are identical, whereas
> USB has distinct ends.
After the Big Upgrade earlier this year, all my non-embedded machines
now have firewire ports, but I'm not sure I've ever actually seen
anything that can plug into them. Everything seems to be USB.
What's firewire actually used for?
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list