From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 009221396D9 for ; Wed, 8 Nov 2017 19:35:53 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CF8AAE0F24; Wed, 8 Nov 2017 19:35:46 +0000 (UTC) Received: from very.loosely.org (very.loosely.org [173.255.215.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 73C21E0F1D for ; Wed, 8 Nov 2017 19:35:46 +0000 (UTC) Received: from [10.8.78.6] (port=45616 helo=matica.foolinux.mooo.com) by ahiker.mooo.com with esmtp (Exim 4.89) (envelope-from ) id 1eCW8X-0008Bk-6o for gentoo-user@lists.gentoo.org; Wed, 08 Nov 2017 11:35:45 -0800 Received: from itz by matica.foolinux.mooo.com with local (Exim 4.89) (envelope-from ) id 1eCW8P-0005TK-Cb for gentoo-user@lists.gentoo.org; Wed, 08 Nov 2017 11:35:37 -0800 Date: Wed, 8 Nov 2017 11:35:37 -0800 From: Ian Zimmerman To: gentoo-user@lists.gentoo.org Subject: [gentoo-user] Re: Linux USB security holes. Message-ID: <20171108193537.5art3runhcttu7h3@matica.foolinux.mooo.com> Mail-Followup-To: gentoo-user@lists.gentoo.org References: <65c1af14-a224-4c9f-1ca8-eca4ccc71d0f@gmail.com> <556A9D39-68CC-4E4F-9BDA-545EBB0F9D69@antarean.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <556A9D39-68CC-4E4F-9BDA-545EBB0F9D69@antarean.org> X-Loosely-Listed: yes User-Agent: NeoMutt/20170707-dirty (1.8.3) X-Archives-Salt: b9e22b22-4376-4d9e-8420-c22d91337dc2 X-Archives-Hash: edbcb2aab7aded671ab4a2e8e61e49bf On 2017-11-08 05:53, J. Roeleveld wrote: > From what I read, you need physical access. According to Solar, for whom I have developed great respect, this is not necessarily so: http://www.openwall.com/lists/oss-security/2017/11/08/5 -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet, fetch the TXT record for the domain.