On Wed, Sep 26, 2012 at 07:44:34PM +0200, a...@boum.org wrote: > Issue: 32bit PCMCIA gets DMA. It is thus usable by an adversary for > external bus memory forensics on a running Tails. > > Question: we now have to discuss what usability vs. > security balance we want. > > Ideas: > > * If a firewire card was inserted into the slot and the bus is active, > pop up a dialog and ask "hey, you want to use firewire/etc.?"
I don't know how this would be possible without serious kernel hacking. > * disable these buses by default, allow opt-in through tails-greeter > to enable > * ask that users assert they want to use this or that bus, and make > the assertion bind to a single device, rather than all devices > blindly > * de-activate PCMCIA and ExpressCard on systems that don't have any > PCMCIA or ExpressCard devices after running for 5 minutes. This is > going to byte some users, but probably only the first time. I still prefer the later. -- Ague
pgpi8mXnZmBpw.pgp
Description: PGP signature
_______________________________________________ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev