From: R0b0t1
Date: Tue, 7 Nov 2017 23:49:09 -0600
Subject: Re: [gentoo-user] Linux USB security holes.
To: gentoo-user@lists.gentoo.org

On Tue, Nov 7, 2017 at 11:08 PM, Dale wrote:
> Howdy,
>
> I ran up on this link. Is there any truth to it and should any of us
> Gentooers be worried about it?
>
> http://www.theregister.co.uk/2017/11/07/linux_usb_security_bugs/
>
> Isn't Linux supposed to be more secure than this??
>

In theory. There was no comment on the existence of such bugs in the Windows driver stack, but they likely exist. However, note:

"The impact is quite limited, all the bugs require physical access to trigger," said Konovalov. "Most of them are denial-of-service, except for a few that might be potentially exploitable to execute code in the kernel."

Which is typically what one should expect from bugs discovered by fuzzing.

These are issues which should be fixed, but keep in mind that there has been (and still is) lots of kernel development that focuses on isolating the kernel from itself. The reporting of these bugs will likely be used to make those mechanisms even better.

To compare, here is an "exploit" discovered in a monitor: https://github.com/RedBalloonShenanigans/MonitorDarkly. The prerequisites include having debug access to the monitor's controller.

Personally I am surprised this was presented at DefCon as it does not really seem appropriate. At least the articles covering the code should be reworded - it's exploiting the monitor almost the same way you can exploit a car by driving it.

More and more security releases are starting to look like the above, as the researchers and authors clamor for notability, which is increasingly hard to find.

I think the article you found strikes a middle ground - the exploits are relevant in practice, but take a lot of work to use.

Cheers,
R0b0t1