On 14/05/13 18:13, James Harper wrote: >> >> On 14/05/13 18:01, Russell Coker wrote: >>>> It's been too >>>> easy, even with Linux [1] (_might_ be okay now, depends on your distro >>>> and setup) to cause havoc with a rogue USB stick or similar as well. >>> >>> How would someone do that? Linux doesn't have a run a program >> automatically >>> when device is mounted "feature" unlike Windows. >> >> Read the article -- the exploit targeted the kernel module that handles >> the USB port. It fetches the USB device's name automatically when you >> plug something in -- and it turned out there was a buffer overflow >> available there. >> > > I wouldn't worry too much. I suspect with the correct sort of fs corruption > you could crash most kernels anyway [1]. You would need to get the user to > mount the inserted USB but that's probably their intent if they have inserted > it. FUSE FTW! [2]
In the article linked: The attack vector was such that the attacker could plug the USB key into an unattended, but locked, machine.. then remove it after a couple of seconds and walk off. The victim would have no idea that while they were away their machine had been compromised. That is far more insidious than a user simply having their machine crash after the put a foreign USB stick into it. (And at which point they'd just go straight back to the person who gave it to them and yell at them.) T _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
