Attacking an offline system

Peter Lebbing peter at
Fri Sep 13 11:08:16 CEST 2013

On 12/09/13 22:03, NdK wrote:
> Nope. W/ Vinculum module you send it commands like "open mickey.txt" and
> then "read 1024". The filesystem driver is in the module and your interface
> only receives expected data.

I hadn't looked at the Vinculum module[1]; that would indeed be a way to remove
the filesystem from the equation, although you will end up writing something
similar to a filesystem driver for the PC which might itself be exploitable.

You can reduce the complexity of the software, but you can't eliminate some form
of driver. And I certainly wouldn't trust the module to give me only expected
data :). You've only moved the complexity of the USB stack to the module, it
needs to be regarded exploitable.

> You really should define your "security perimeter".

You mean threat model? I completely agree. All my contributions are just musings
about things I notice while reading other people's contributions. I'm not
contemplating actually doing any of this. If you seriously consider doing this,
you need to formulate a good threat model.

I use a USB stick to transfer stuff.



[1] I was just thinking in general terms of bridging USB mass storage to a
serial port through some driver.

I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list