On Thu, Mar 16, 2017 at 04:41:36PM -0400, Russell Reiter via talk wrote:
<rreiter91@gmail.com> Date: Mar 16, 2017 12:49 PM Subject: Re: [GTALUG] DMA kernel attacks To: "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca
On Mar 13, 2017 10:50 AM, "Russell Reiter" <rreiter91@gmail.com> wrote:
On Mar 13, 2017 10:27 AM, "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca> wrote:
On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
Another DEFCON talk. This is a hardware attack on M$, OSX & Linux, PCIleech = 150mbs over usb3.
Sorry, I wasn't clear here. The PCI card goes in the attacking machine. The steal is over USB. Two tries for the linux box.
https://www.youtube.com/watch?v=fXthwl6ShOg&list=PL9fPq3eQfa
aAvXV3hJc4yHuNxoviVckoE&index=15#t=2508.995164
Well first you have to install your PCIe card in the target machine, which means you would have to shut it down first, which could make booting it again difficult.
Ummm ... PCIe is hot plugable with the right software.
I thought initially they found a flaw in USB3, but no that is not the case.
So it doesn't do anything we didn't already have a problem with in firewire years ago. So yes if you get to put your own PCIe hardware in a machine, you can DMA memory. And it's a bit faster than a firewire card was.
The firewire and thunderbolt issues in the past seem much more of a concern than this because they were hardware already present in the target machine. This is pretty much just irrelevant.
Maybe to you. I dont consider increase of transfer rate from 3mbs to 150mbs irrelevant by any means.
Just because I highlight one bit of information which I gleaned from a source and wanted to share, as a matter of general interest; this doesent mean I didn't want you to learn from the post.
I did it because I do want you to learn from it. Like you just now learned PCIe can be accessed without rebooting.
Among other things.
-- Len Sorensen
I am afraid I can't figure out what the reply was or to what. Even going through the hassle of trying to view the html version didn't help much. -- Len Sorensen