Linux autorun vulnerabilities?

Posted Feb 10, 2011 9:18 UTC (Thu) by dlang (guest, #313)
In reply to: Linux autorun vulnerabilities? by Fowl
Parent article: Linux autorun vulnerabilities?

no, the USB bus does not support DMA (direct memory access), the driver uses it to transfer data from the memory to the server-side hardware, but the devices plugged in cannot initiate or control DMA.

Linux autorun vulnerabilities?

Posted Feb 10, 2011 12:43 UTC (Thu) by cesarb (subscriber, #6266) [Link] (2 responses)

Well, an USB device can emulate a keyboard/mouse too. I am sure a creative hacker would be able to use this to do something like opening a terminal and typing a command.

But this requires special hardware. What we are talking about is things that can be used for worm-like behavior, that is, things that can be written to a generic USB mass storage device.

Linux autorun vulnerabilities?

Posted Feb 10, 2011 14:07 UTC (Thu) by gidoca (subscriber, #62438) [Link] (1 responses)

Special hardware? What prevents you from doing this as a malware for smartphones?

Linux autorun vulnerabilities?

Posted Feb 10, 2011 15:28 UTC (Thu) by cesarb (subscriber, #6266) [Link]

Good catch. Even though I have one on my pocket, I completely forgot that it can be used as the "special hardware" I was thinking of.