Another DEFCON talk. This is a hardware attack on M$, OSX & Linux, PCIleech = 150mbs over usb3. https://www.youtube.com/watch?v=fXthwl6ShOg&list=PL9fPq3eQfaaAvXV3hJc4yHuNxoviVckoE&index=15#t=2508.995164
On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
Another DEFCON talk. This is a hardware attack on M$, OSX & Linux, PCIleech = 150mbs over usb3.
Well first you have to install your PCIe card in the target machine, which means you would have to shut it down first, which could make booting it again difficult. I thought initially they found a flaw in USB3, but no that is not the case. So it doesn't do anything we didn't already have a problem with in firewire years ago. So yes if you get to put your own PCIe hardware in a machine, you can DMA memory. And it's a bit faster than a firewire card was. The firewire and thunderbolt issues in the past seem much more of a concern than this because they were hardware already present in the target machine. This is pretty much just irrelevant. -- Len Sorensen
On Mon, Mar 13, 2017 at 10:27:35AM -0400, Lennart Sorensen via talk wrote:
On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
Another DEFCON talk. This is a hardware attack on M$, OSX & Linux, PCIleech = 150mbs over usb3.
Well first you have to install your PCIe card in the target machine, which means you would have to shut it down first, which could make booting it again difficult.
I thought initially they found a flaw in USB3, but no that is not the case.
So it doesn't do anything we didn't already have a problem with in firewire years ago. So yes if you get to put your own PCIe hardware in a machine, you can DMA memory. And it's a bit faster than a firewire card was.
The firewire and thunderbolt issues in the past seem much more of a concern than this because they were hardware already present in the target machine. This is pretty much just irrelevant.
The exploit method is interesting (although nothing new), but the access method is not. -- Len Sorensen
On Mon, Mar 13, 2017 at 10:33:10AM -0400, Lennart Sorensen via talk wrote:
On Mon, Mar 13, 2017 at 10:27:35AM -0400, Lennart Sorensen via talk wrote:
On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
Another DEFCON talk. This is a hardware attack on M$, OSX & Linux, PCIleech = 150mbs over usb3.
Well first you have to install your PCIe card in the target machine, which means you would have to shut it down first, which could make booting it again difficult.
I thought initially they found a flaw in USB3, but no that is not the case.
So it doesn't do anything we didn't already have a problem with in firewire years ago. So yes if you get to put your own PCIe hardware in a machine, you can DMA memory. And it's a bit faster than a firewire card was.
The firewire and thunderbolt issues in the past seem much more of a concern than this because they were hardware already present in the target machine. This is pretty much just irrelevant.
The exploit method is interesting (although nothing new), but the access method is not.
OK, I am wrong. The fact he has an expressscard, not just PCIe makes it very interesting since that is hot pluggable from outside the machine. Now I am impressed. -- Len Sorensen
On Mar 13, 2017 10:39 AM, "Lennart Sorensen via talk" <talk@gtalug.org> wrote: On Mon, Mar 13, 2017 at 10:33:10AM -0400, Lennart Sorensen via talk wrote:
On Mon, Mar 13, 2017 at 10:27:35AM -0400, Lennart Sorensen via talk wrote:
On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
Another DEFCON talk. This is a hardware attack on M$, OSX & Linux, PCIleech = 150mbs over usb3.
https://www.youtube.com/watch?v=fXthwl6ShOg&list= PL9fPq3eQfaaAvXV3hJc4yHuNxoviVckoE&index=15#t=2508.995164
Well first you have to install your PCIe card in the target machine, which means you would have to shut it down first, which could make booting it again difficult.
I thought initially they found a flaw in USB3, but no that is not the case.
So it doesn't do anything we didn't already have a problem with in firewire years ago. So yes if you get to put your own PCIe hardware in a machine, you can DMA memory. And it's a bit faster than a firewire card was.
The firewire and thunderbolt issues in the past seem much more of a concern than this because they were hardware already present in the target machine. This is pretty much just irrelevant.
The exploit method is interesting (although nothing new), but the access method is not.
OK, I am wrong. The fact he has an expressscard, not just PCIe makes it very interesting since that is hot pluggable from outside the machine. Now I am impressed. I was impressed too, thats why I posted the link. -- Len Sorensen --- Talk Mailing List talk@gtalug.org https://gtalug.org/mailman/listinfo/talk
participants (2)
-
lsorense@csclub.uwaterloo.ca -
Russell Reiter