Reminder to those who think DVD-Rs are such a no-brainer for air-gap implementation:https://twitter.com/rootkovska/status/672404850383134720 …
@rootkovska @ioerror SD cards with internal readers, whether USB or directly interfaced, provide a quite narrow code attack surface imho
-
-
@rootkovska@ioerror at least compared to other external storage media -
@AndreaBarisani Sure, but I think@i0n1c wanted a diode-like medium (hence DVD-R)@ioerror -
@rootkovska@i0n1c@ioerror Ethernet connected storage, cut TX wire and disable automatic crossover ;)
End of conversation
New conversation -
-
-
@AndreaBarisani@rootkovska@ioerror SD cards are already complex computers with a 80251 CPU. :3 -
@Serianox_@rootkovska@ioerror yes but the communication protocol allows very limited interaction -
@AndreaBarisani@rootkovska@ioerror I wouldn't assume the driver author expected malicious behavior from the SD card. -
@Serianox_@rootkovska@ioerror a malicious SD card would have very little to do against host, unless the driver is total SNAFU -
@Serianox_@rootkovska@ioerror we implemented hardware diodes and test external interfaces on all kind of systems, some experience there ;) -
@AndreaBarisani@rootkovska@ioerror Unfortunately, not everyone has that much experience. :)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.