Re: [GTALUG] DMA kernel attacks

<rreiter91@gmail.com> Date: Mar 16, 2017 12:49 PM Subject: Re: [GTALUG] DMA kernel attacks To: "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca
On Mar 13, 2017 10:50 AM, "Russell Reiter" <rreiter91@gmail.com> wrote:
On Mar 13, 2017 10:27 AM, "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca> wrote:
On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
Another DEFCON talk. This is a hardware attack on M$, OSX & Linux, PCIleech = 150mbs over usb3.
Sorry, I wasn't clear here. The PCI card goes in the attacking machine. The steal is over USB. Two tries for the linux box.
https://www.youtube.com/watch?v=fXthwl6ShOg&list=PL9fPq3eQfaaAvXV3hJc4yHuNxoviVckoE&index=15#t=2508.995164
Well first you have to install your PCIe card in the target machine, which means you would have to shut it down first, which could make booting it again difficult.
Ummm ... PCIe is hot pluggable with the right software.
I thought initially they found a flaw in USB3, but no that is not the case.
So it doesn't do anything we didn't already have a problem with in firewire years ago. So yes if you get to put your own PCIe hardware in a machine, you can DMA memory. And it's a bit faster than a firewire card was.
The firewire and thunderbolt issues in the past seem much more of a concern than this because they were hardware already present in the target machine. This is pretty much just irrelevant.
Maybe to you. I don't consider increase of transfer rate from 3mbs to 150mbs irrelevant by any means.
Just because I highlight one bit of information which I gleaned from a source and wanted to share, as a matter of general interest; this doesn't mean I didn't want you to learn from the post.
I did it because I do want you to learn from it. Like you just now learned PCIe can be accessed without rebooting.
Among other things.
-- Len Sorensen

On Thu, Mar 16, 2017 at 04:41:36PM -0400, Russell Reiter via talk wrote:
<rreiter91@gmail.com> Date: Mar 16, 2017 12:49 PM Subject: Re: [GTALUG] DMA kernel attacks To: "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca
On Mar 13, 2017 10:50 AM, "Russell Reiter" <rreiter91@gmail.com> wrote:
On Mar 13, 2017 10:27 AM, "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca> wrote:
On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
Another DEFCON talk. This is a hardware attack on M$, OSX & Linux, PCIleech = 150mbs over usb3.
Sorry, I wasn't clear here. The PCI card goes in the attacking machine. The steal is over USB. Two tries for the linux box.
https://www.youtube.com/watch?v=fXthwl6ShOg&list=PL9fPq3eQfaaAvXV3hJc4yHuNxoviVckoE&index=15#t=2508.995164
Well first you have to install your PCIe card in the target machine, which means you would have to shut it down first, which could make booting it again difficult.
Ummm ... PCIe is hot pluggable with the right software.
I thought initially they found a flaw in USB3, but no that is not the case.
So it doesn't do anything we didn't already have a problem with in firewire years ago. So yes if you get to put your own PCIe hardware in a machine, you can DMA memory. And it's a bit faster than a firewire card was.
The firewire and thunderbolt issues in the past seem much more of a concern than this because they were hardware already present in the target machine. This is pretty much just irrelevant.
Maybe to you. I don't consider increase of transfer rate from 3mbs to 150mbs irrelevant by any means.
Just because I highlight one bit of information which I gleaned from a source and wanted to share, as a matter of general interest; this doesn't mean I didn't want you to learn from the post.
I did it because I do want you to learn from it. Like you just now learned PCIe can be accessed without rebooting.
Among other things.
-- Len Sorensen
I am afraid I can't figure out what the reply was or to what. Even going through the hassle of trying to view the html version didn't help much.
-- Len Sorensen

On Mar 17, 2017 2:22 PM, "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca> wrote:
On Thu, Mar 16, 2017 at 04:41:36PM -0400, Russell Reiter via talk wrote:
<rreiter91@gmail.com> Date: Mar 16, 2017 12:49 PM Subject: Re: [GTALUG] DMA kernel attacks To: "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca
On Mar 13, 2017 10:50 AM, "Russell Reiter" <rreiter91@gmail.com> wrote:
On Mar 13, 2017 10:27 AM, "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca> wrote:
On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
Another DEFCON talk. This is a hardware attack on M$, OSX & Linux, PCIleech = 150mbs over usb3.
Sorry, I wasn't clear here. The PCI card goes in the attacking machine. The steal is over USB. Two tries for the linux box.
<snip the part deemed irrelevant>
target machine. This is pretty much just irrelevant.
Maybe to you. I don't consider increase of transfer rate from 3mbs to 150mbs irrelevant by any means.
Just because I highlight one bit of information which I gleaned from a source and wanted to share, as a matter of general interest; this doesn't mean I didn't want you to learn from the post.
I did it because I do want you to learn from it. Like you just now learned PCIe can be accessed without rebooting.
Among other things.
-- Len Sorensen
I am afraid I can't figure out what the reply was or to what. Even going through the hassle of trying to view the html version didn't help much.
Ok to recap. You assumed you needed to turn off the computer to install PCIe. You learned PCIe is hot pluggable. You assumed the card had to be plugged into the target machine, you learned it did not.
I was just pointing out why you made those false assumptions and then wrongly designated the information as irrelevant.
It's because I didn't explicitly describe what was so obvious in the video.
I'd normally politely say my bad but in this case I think not.
-- Len Sorensen

On Fri, Mar 17, 2017 at 02:53:03PM -0400, Russell Reiter wrote:
Ok to recap. You assumed you needed to turn off the computer to install PCIe. You learned PCIe is hot pluggable. You assumed the card had to be plugged into the target machine, you learned it did not.
Well no. I already knew PCIe could be hot pluggable and also knew it usually is not. expresscard on the other hand always is, I just forgot it existed and didn't think the device in question would work with that. Brain initially says: PCIe attack implies desktop which doesn't have hotplug implies this is irrelevant. :)
I was just pointing out why you made those false assumptions and then wrongly designated the information as irrelevant.
It's because I didn't explicitly describe what was so obvious in the video.
I'd normally politely say my bad but in this case I think not.
If I had watched the video from the start initially it might have helped. Unfortunately youtube helped and made the link you posted start at a few minutes from the end. Youtube can be annoying at times.
And yes the "over usb3" comment did give the wrong initial impression.
In the end it does seem like a neat trick.
-- Len Sorensen

On Mar 17, 2017 3:11 PM, "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca> wrote:
On Fri, Mar 17, 2017 at 02:53:03PM -0400, Russell Reiter wrote:
Ok to recap. You assumed you needed to turn off the computer to install PCIe. You learned PCIe is hot pluggable. You assumed the card had to be plugged into the target machine, you learned it did not.
Well no. I already knew PCIe could be hot pluggable and also knew it usually is not. expresscard on the other hand always is, I just forgot it existed and didn't think the device in question would work with that. Brain initially says: PCIe attack implies desktop which doesn't have hotplug implies this is irrelevant. :)
I was just pointing out why you made those false assumptions and then wrongly designated the information as irrelevant.
It's because I didn't explicitly describe what was so obvious in the video.
I'd normally politely say my bad but in this case I think not.
If I had watched the video from the start initially it might have helped. Unfortunately youtube helped and made the link you posted start at a few minutes from the end. Youtube can be annoying at times.
And yes the "over usb3" comment did give the wrong initial impression.
In the end it does seem like a neat trick.
Not as neat as your way of pissing me off by selectively editing and trying to look reasonable about it.
Those three posts in a row make it look like you are having a nice reasoned conversation with yourself.
However, it was me you were replying to and you snipped without form.
That's one of the oldest shitheel moves on usenet. You were probably still in short pants when I first noticed that some people do treat others with contempt in that manner.
It's nothing new and I wouldn't ask for you to be banned as an abuser but best if you just ignore my posts from now on.
You will come across smarter than the past set of arguments with me have demonstrated.
OK
-- Len Sorensen

Can we keep personal opinions and insults off the list?
On Fri, Mar 17, 2017 at 3:28 PM, Russell Reiter via talk <talk@gtalug.org> wrote:
On Mar 17, 2017 3:11 PM, "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca> wrote:
On Fri, Mar 17, 2017 at 02:53:03PM -0400, Russell Reiter wrote:
Ok to recap. You assumed you needed to turn off the computer to install PCIe. You learned PCIe is hot pluggable. You assumed the card had to be plugged into the target machine, you learned it did not.
Well no. I already knew PCIe could be hot pluggable and also knew it usually is not. expresscard on the other hand always is, I just forgot it existed and didn't think the device in question would work with that.
Brain initially says: PCIe attack implies desktop which doesn't have hotplug implies this is irrelevant. :)
I was just pointing out why you made those false assumptions and then wrongly designated the information as irrelevant.
It's because I didn't explicitly describe what was so obvious in the video.
I'd normally politely say my bad but in this case I think not.
If I had watched the video from the start initially it might have helped. Unfortunately youtube helped and made the link you posted start at a few minutes from the end. Youtube can be annoying at times.
And yes the "over usb3" comment did give the wrong initial impression.
In the end it does seem like a neat trick.
Not as neat as your way of pissing me off by selectively editing and trying to look reasonable about it.
Those three posts in a row make it look like you are having a nice reasoned conversation with yourself.
However, it was me you were replying to and you snipped without form.
That's one of the oldest shitheel moves on usenet. You were probably still in short pants when I first noticed that some people do treat others with contempt in that manner.
It's nothing new and I wouldn't ask for you to be banned as an abuser but best if you just ignore my posts from now on.
You will come across smarter than the past set of arguments with me have demonstrated.
OK
-- Len Sorensen
--- Talk Mailing List talk@gtalug.org https://gtalug.org/mailman/listinfo/talk

On Mar 17, 2017 4:02 PM, "Jason Shaw via talk" <talk@gtalug.org> wrote:
Can we keep personal opinions and insults off the list?
I just asked Lennart to lay off the nastiness and be a nice boy. So to answer your question. As soon as Lennart realizes that it is abusive to snip in the way he does and stops pissing all over my posts.
Thanks for speaking up though. It's nice to know that people like yourself care.
On Fri, Mar 17, 2017 at 3:28 PM, Russell Reiter via talk <talk@gtalug.org> wrote:
On Mar 17, 2017 3:11 PM, "Lennart Sorensen" <lsorense@csclub.uwaterloo.ca> wrote:
On Fri, Mar 17, 2017 at 02:53:03PM -0400, Russell Reiter wrote:
Ok to recap. You assumed you needed to turn off the computer to install PCIe. You learned PCIe is hot pluggable. You assumed the card had to be plugged into the target machine, you learned it did not.
Well no. I already knew PCIe could be hot pluggable and also knew it usually is not. expresscard on the other hand always is, I just forgot it existed and didn't think the device in question would work with that.
Brain initially says: PCIe attack implies desktop which doesn't have hotplug implies this is irrelevant. :)
I was just pointing out why you made those false assumptions and then wrongly designated the information as irrelevant.
It's because I didn't explicitly describe what was so obvious in the video.
I'd normally politely say my bad but in this case I think not.
If I had watched the video from the start initially it might have helped. Unfortunately youtube helped and made the link you posted start at a few minutes from the end. Youtube can be annoying at times.
And yes the "over usb3" comment did give the wrong initial impression.
In the end it does seem like a neat trick.
Not as neat as your way of pissing me off by selectively editing and trying to look reasonable about it.
Those three posts in a row make it look like you are having a nice reasoned conversation with yourself.
However, it was me you were replying to and you snipped without form.
That's one of the oldest shitheel moves on usenet. You were probably still in short pants when I first noticed that some people do treat others with contempt in that manner.
It's nothing new and I wouldn't ask for you to be banned as an abuser but best if you just ignore my posts from now on.
You will come across smarter than the past set of arguments with me have demonstrated.
OK
-- Len Sorensen

On Fri, Mar 17, 2017 at 03:28:26PM -0400, Russell Reiter wrote:
Not as neat as your way of pissing me off by selectively editing and trying to look reasonable about it.
Well I checked the archive. I didn't cut anything or edit anything, so no idea what you are talking about.
Those three posts in a row make it look like you are having a nice reasoned conversation with yourself.
Well I was, once I realized the video link had started near the end and there was more to watch.
However, it was me you were replying to and you snipped without form.
I replied to my own previous email pointing out I was wrong. I didn't cut anything out in any of the replies (I usually cut everything but the message I am actually replying to, but in this case I wanted to make it clear I was pointing out my previous reply to the original message was wrong so I left it all, complete with proper indentation and > marks at the right levels, unlike the totally unreadable mess gmail creates, but I don't know of any way to fix what gmail does, so I don't use gmail for mailing lists).
That's one of the oldest shitheel moves on usenet. You were probably still in short pants when I first noticed that some people do treat others with contempt in that manner.
Well you do beat me on age, probably by a chunk. I was under the impression on usenet some people would try to cancel their original message if they wanted to change it, although I tried to avoid usenet for the most part when I encountered it in the 90s. Too much noise there by then.
It's nothing new and I wouldn't ask for you to be banned as an abuser but best if you just ignore my posts from now on.
One of these days I will learn how to filter emails from specific people, but it hasn't been enough of a problem to bother yet (surprisingly).
You will come across smarter than the past set of arguments with me have demonstrated.
Your point of view is yours to have.
-- Len Sorensen

participants (3)
- Jason Shaw
- lsorense@csclub.uwaterloo.ca
- Russell Reiter