by RomP 5460 days ago
It's not the OS. It's the hardware. While USB devices are somewhat more difficult to use for exploits like this, any FireWire or PCMCIA device has full access to RAM through the DMA channel (1).

Worth repeating: they can read ANY page in RAM, including those which contain user key hashes, session hashes and any password which happens to be stored in the clear in memory.

While the OS can protect a process' memory from all other processes, DMA is one level closer to the metal. No matter what OS you're running, plugging random devices into your system means the game is over.

(1) HW virtualization mitigates some of these risks; I'm not familiar with the details of it. But since most machines are still running without HW virtualization, they are still vulnerable.

edited for formatting
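The scenario in the comment above, as an added worked model (not code from the commenter or from any real driver): a bus-master peripheral dumps every physical page and greps it for credential-looking strings, first with no IOMMU in the path, then with an IOMMU that maps only the device's own buffer page for it. The IOMMU (Intel VT-d / AMD-Vi) is the hardware feature the footnote is gesturing at. Everything here is a simulation: the page layout, the "evil-1394" device name, the sample credentials and the 4 KiB page size are all constructed for the example.

```python
import re

PAGE = 4096  # physical page size assumed for this model


class HostMemory:
    """Flat physical RAM; page_owner records which process each page belongs to."""

    def __init__(self, pages):
        self.ram = bytearray(pages * PAGE)
        self.page_owner = {}

    def alloc(self, page_index, owner, data=b""):
        self.page_owner[page_index] = owner
        base = page_index * PAGE
        self.ram[base:base + len(data)] = data


class Iommu:
    """Per-device translation table: a device may only touch pages mapped for it."""

    def __init__(self):
        self.mappings = {}  # device name -> set of physical page indices

    def grant(self, device, page_index):
        self.mappings.setdefault(device, set()).add(page_index)

    def allows(self, device, phys_addr, length):
        first, last = phys_addr // PAGE, (phys_addr + length - 1) // PAGE
        allowed = self.mappings.get(device, set())
        return all(p in allowed for p in range(first, last + 1))


class DmaDevice:
    """A bus-master peripheral. Without an IOMMU its reads hit RAM unfiltered."""

    def __init__(self, name, mem, iommu=None):
        self.name, self.mem, self.iommu = name, mem, iommu

    def read(self, phys_addr, length):
        if self.iommu is not None and not self.iommu.allows(self.name, phys_addr, length):
            raise PermissionError(f"{self.name}: DMA to {phys_addr:#x} blocked by IOMMU")
        return bytes(self.mem.ram[phys_addr:phys_addr + length])


# Strings a memory-carving tool would look for; pattern is illustrative.
CRED_RE = re.compile(rb"(?:password|session)=[^\x00\s]+")


def carve_credentials(device):
    """Walk all of physical memory through the device and grep for credential strings."""
    found = []
    for page in range(len(device.mem.ram) // PAGE):
        try:
            chunk = device.read(page * PAGE, PAGE)
        except PermissionError:
            continue  # IOMMU fault: this page is not mapped for the device
        for m in CRED_RE.finditer(chunk):
            found.append((device.mem.page_owner.get(page, "free"), m.group(0).decode()))
    return found


def build_host():
    """Constructed sample layout: two processes' pages plus the device's own buffer."""
    mem = HostMemory(8)
    mem.alloc(1, "sshd", b"\x00" * 100 + b"password=hunter2\x00")
    mem.alloc(3, "browser", b"Cookie: session=deadbeefcafe\x00")
    mem.alloc(5, "dma-buffer", b"\x00" * PAGE)
    return mem


def attack_without_iommu():
    dev = DmaDevice("evil-1394", build_host())
    return carve_credentials(dev)


def attack_with_iommu():
    iommu = Iommu()
    iommu.grant("evil-1394", 5)  # the driver maps only the device's own buffer page
    dev = DmaDevice("evil-1394", build_host(), iommu)
    return carve_credentials(dev)


if __name__ == "__main__":
    print("no IOMMU  :", attack_without_iommu())
    print("with IOMMU:", attack_with_iommu())
```

Without the IOMMU the device pulls sshd's plaintext password and the browser's session token straight out of pages it was never given; with it, every read outside page 5 faults and the carve comes back empty. Note that the real protection only holds if the OS actually enables the IOMMU and maps devices narrowly, which is the part the footnote says most machines of the time lacked.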

1 comments

We're not talking about FireWire, we're talking about USB. I don't even think we need to get into IOMMU mitigations for FireWire security.

There are vectors beyond "autorun" for attacking machines with USB devices (for instance, automatically mounting filesystems exposes the filesystem to malicious block inputs) but these are squarely in the OS's bailiwick.
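The "malicious block inputs" point in the reply above, as an added illustration that is not the commenter's code: a toy filesystem header parser with a trusting version beside a checked one. The "TOYFS" format, its superblock layout and all function names are invented for this example; the constructed image lies about its block count and root directory block the way a hostile USB stick could.

```python
import struct

SB_FMT = "<8sIII"  # magic, block_size, block_count, root_dir_block (little-endian)
SB_SIZE = struct.calcsize(SB_FMT)
MAGIC = b"TOYFS\x00\x00\x00"


def parse_superblock_naive(img):
    """Trusts every header field, as a careless driver would."""
    magic, bs, count, root = struct.unpack_from(SB_FMT, img, 0)
    if magic != MAGIC:
        raise ValueError("bad magic")
    return {"block_size": bs, "block_count": count, "root": root}


def read_block_naive(img, sb, n):
    off = n * sb["block_size"]
    return img[off:off + sb["block_size"]]  # in a C driver this is an out-of-bounds read


def parse_superblock_checked(img):
    """Same header, but every field is validated against the image before use."""
    if len(img) < SB_SIZE:
        raise ValueError("image too small for superblock")
    magic, bs, count, root = struct.unpack_from(SB_FMT, img, 0)
    if magic != MAGIC:
        raise ValueError("bad magic")
    if bs < 512 or bs > 65536 or bs & (bs - 1):
        raise ValueError("block size must be a power of two in [512, 64K]")
    if count == 0 or count > len(img) // bs:
        raise ValueError("block count exceeds image size")
    if root >= count:
        raise ValueError("root directory block out of range")
    return {"block_size": bs, "block_count": count, "root": root}


def read_block_checked(img, sb, n):
    if n >= sb["block_count"]:
        raise ValueError(f"block {n} beyond end of filesystem")
    off = n * sb["block_size"]
    return img[off:off + sb["block_size"]]


def build_image(block_size=512, block_count=4, root=1, claimed_count=None, claimed_root=None):
    """Constructed sample image; claimed_* let the header lie, as a hostile device would."""
    hdr = struct.pack(SB_FMT, MAGIC, block_size,
                      block_count if claimed_count is None else claimed_count,
                      root if claimed_root is None else claimed_root)
    img = bytearray(block_size * block_count)
    img[:SB_SIZE] = hdr
    img[root * block_size:root * block_size + 7] = b"ROOTDIR"
    return bytes(img)


GOOD_IMAGE = build_image()
EVIL_IMAGE = build_image(claimed_count=0xFFFFFFFF, claimed_root=0x7FFFFFFF)


def mount_root(img, checked):
    """Returns ("ok", root_block_bytes) or ("rejected", reason)."""
    parse, read = ((parse_superblock_checked, read_block_checked) if checked
                   else (parse_superblock_naive, read_block_naive))
    try:
        sb = parse(img)
        return "ok", read(img, sb, sb["root"])
    except ValueError as e:
        return "rejected", str(e)


if __name__ == "__main__":
    print("naive, evil image  :", mount_root(EVIL_IMAGE, False))
    print("checked, evil image:", mount_root(EVIL_IMAGE, True))
```

Python turns the bad offset into an empty slice, so the naive path "mounts" the hostile image and quietly reads nothing; the equivalent arithmetic in a kernel driver indexes past the buffer. The checked path refuses the image at the superblock, before any block is dereferenced, which is where an OS has to do this work since automount hands the device's bytes to the driver with no user involved.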