Attacking an offline system (was: Why trust gpg4win?)
Peter Lebbing
peter at digitalbrains.com
Thu Sep 12 19:07:07 CEST 2013
On 12/09/13 15:55, Jan wrote:
> Do you see any reasonable attack vectors? What do you think?

The moment someone plugs in a mass storage device and we're talking about
attacking his computer, I think of a manipulated file system, exploiting an
error in the file system driver of the kernel (which runs at a nice privilege
level too). I missed that vector in the discussion so far, which focussed on
manipulated files.

The filesystem is also still there with this USB-via-serial-port thingy. And on
the CD.

You can avoid a filesystem by just storing a tar archive on the storage. I don't
think that's very helpful under Windows, but under Linux, using a block device
as tar input/output is easy. Hell, it's what tar was originally made for (tape
devices) :).

That only helps for the filesystem vector, though.

Anybody still using laplink cables? ;)

(I once blew up part of a mainboard with a laplink cable. Was on a different
phase of the mains electricity than the other PC and not grounded. Gave a nice
spark.)

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
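
Added example, not part of the original message: the tar-on-a-raw-device transfer described above as a shell sketch, with a listing check on the receiving side because the archive itself is still untrusted input. It assumes GNU tar; the function names are hypothetical, and a regular file stands in for the block device (on real hardware a placeholder such as /dev/sdX).

```shell
#!/bin/sh
# Move files over raw storage with tar; no filesystem is ever mounted.
# DEV is the raw device on real hardware; the demo below uses a regular file.

# Online side: write the archive straight onto the device.
write_raw() {   # write_raw DEV SRCDIR
    tar -cf "$1" -C "$2" .
}

# Offline side: list first, extract nothing yet. Accept only regular files
# and directories whose names are relative and free of '..' components.
check_raw() {   # check_raw DEV
    listing=$(tar -tvf "$1") || return 1
    names=$(tar -tf "$1") || return 1
    # First character of each verbose line is the member type.
    if printf '%s\n' "$listing" | grep -qv '^[-d]'; then
        echo "refusing: link, device node or other special member" >&2
        return 1
    fi
    if printf '%s\n' "$names" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo "refusing: member name leaves the target directory" >&2
        return 1
    fi
}

# Extract into a fresh directory only after the listing passed the check.
read_raw() {    # read_raw DEV DESTDIR
    check_raw "$1" || return 1
    mkdir -p "$2" && tar -xf "$1" -C "$2" --no-same-owner --no-same-permissions
}

# Constructed demo: temporary files only, no real device is touched.
demo() {
    t=$(mktemp -d) || return 1
    mkdir "$t/src" && echo "signed request" > "$t/src/request.txt"
    write_raw "$t/dev.img" "$t/src" && read_raw "$t/dev.img" "$t/out" &&
        cat "$t/out/request.txt"
    rc=$?; rm -rf "$t"; return $rc
}
demo
```

When reading from a real device, tar stops at the end-of-archive marker, so stale data further along the device is ignored.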