by tptacek 2237 days ago
You almost certainly know more about this than me, but hasn't macOS been breaking this attack --- malicious PCIe DMA --- for several years now with its IOMMU configuration? Ivan Krstic has a whole series of BH slides about this, and in the context of T2.

The point about attacking trusted devices and pre-cloning devices is well taken.

1 comments

Yes. With macOS and Thunderbolt 3 devices on Apple hardware the IOMMU is used as expected. This should handle DMA attacks when booted into macOS.

An important caveat: the IOMMU alone will not handle every other issue that comes with malicious PCI(e) devices.