by rolandr 4022 days ago
I'm not sure why Apple should be singled out for addressing this. Plus, you're talking about a security issue that requires physical access to a machine - something a bit different from the issues of privacy, malware, NSA snooping, etc. It would seem more sensible to focus on those working up the USB specification (Intel, HP, NEC, etc.) to deliver a standard and hardware implementations less prone to attacks. Plus, pretty much _every_ USB stack has these issues - wasn't it Linux where we started seeing proofs of concept?

Actually, Apple has shown foresight in its hardware selection, as they have consistently selected Intel processors with Vt-d/IOMMU support (to this day, it remains difficult to find IOMMU-enabled notebook computers). This has allowed OSX to isolate Thunderbolt and neuter attacks: http://ilostmynotes.blogspot.com/2014/11/thunderbolt-dma-att...

Possibly a similar thing might be done for USB controllers as well...

1 comments

> I'm not sure why Apple should be singled out for addressing this.

You're correct in that it's not an Apple-only security issue. I'm not sure if the person you're replying to meant to imply that. However, Apple has never been particularly concerned with pointing out security vulnerabilities. Up until three years ago they were claiming that OSX didn't get viruses and that you could be safe by doing nothing. (http://www.theatlantic.com/technology/archive/2012/06/its-of...) That's why Apple gets a lot of flak from security-oriented folk. They mislead tons of people into thinking that "Macs don't get viruses". And I still hear self-proclaimed geniuses who tell me this, and why it's the reason they'll only use Apple products.

Considering Apple changed their slogan to "built to be safe" after being heavily compromised and criticized by the media, they do deserve a push to take care of hardware security issues by default. After all, security is built in, right? Shouldn't they make some proactive security efforts after advertising to their users repeatedly with the premise that their users shouldn't care about security?

> Actually, Apple has shown foresight in its hardware selection

That link you share came around four years after OSX (and Windows) had the login screen compromised with Firewire hacking devices (http://www.hermann-uwe.de/blog/physical-memory-attacks-via-f...). Of which Apple was the primary vendor involved in pushing the standard. Not only that, it's talking about more modern devices being secure from an exploit that was used to compromise early Thunderbolt-enabled computers roughly two-and-a-half years prior (http://www.breaknenter.org/2012/02/adventures-with-daisy-in-... and http://www.breaknenter.org/projects/inception/). The fact that Apple started utilizing IOMMU to counter DMA attacks and moved away from Firewire isn't foresight - it's reactive. Admittedly, a good reaction. That's how a lot of security procedures end up. But let's not pretend that they're ahead of the game on security when they aren't.

> Possibly a similar thing might be done for USB controllers as well...

It's been done for USB, Firewire, Thunderbolt, any hotpluggable PCI/PCI-e expansion port/socket (because you can plug the above in unless it's disabled in the OS). Pretty much anything with DMA in it is an issue.

> Plus, you're talking about a security issue that requires physical access to a machine

You're assuming direct malicious intent. Which might be the case for jealous spouses and high-value targets. But a far more likely consumer scenario is handing your USB stick to a friend with a compromised computer to share a file. After he plugs it in, his malware-infested computer overwrites the USB device's firmware as a new attack vector. When you get it back and use it again, your computer becomes infected.

It's not common now, but it's not really that far-fetched.

> You're assuming direct malicious intent. Which might be the case for jealous spouses and high-value targets. But a far more likely consumer scenario is handing your USB stick to a friend with a compromised computer to share a file. After he plugs it in, his malware-infested computer overwrites the USB device's firmware as a new attack vector. When you get it back and use it again, your computer becomes infected.

> It's not common now, but it's not really that far-fetched.

And as the average USB device becomes "smarter" (or more like an embedded PC, in any case...) in the future I would assume it will become easier to infect without hardware access. (I am not an expert.) Or think of the many thousands of lab and internet-cafe PCs which are already out there and being used as public or semi-public charging points: those can already certainly be compromised without any hardware access. Even attacks using hardware access to a USB device don't have to be ignorably small-scale. A single compromised public USB charging point could hit hundreds of people: one could consider ATM skimming as an advance warning of what is feasible.

And more generally, access to the hardware on the far side of the USB connection is not (in the general case) the same as access to the hardware on the near side. If in practice one is always as good as the other, well that's exactly the bloody problem! And it's a problem with the USB protocol etc., not the inherently-mostly-insoluble problem of direct access to the internals of the user's local machine.