On Wed, Oct 29, 2014 at 08:19:27PM +0100, Lodewijk andré de la porte wrote:
> These fail together, I'd call them equally safe. Using an unusual (and small) stack is safer as exploits would be more expensive to obtain.
>
> Probably better to airgap by having a secure microkernel (L4, how are you?) do the USB and another protocol (Ethernet for all I care) carry sanitized payload to the actual machine. Think of it as wearing a condom. Whatever the transferred payload is, making sure it's sanitized is vital and non-trivial. Probably would require interpreting and serializing it again, to unify the formatting.

USB condom, great name :-). Last time I amused myself with such an idea (say, a few months ago), I ended up reading specs of the stm32f4 family of single board microcontrollers, mostly because my local shop sells them. They have like 1MB of flash, my fav has 192kB of ram (not sure, in one piece or banks? and yes, it's kilo-bytes, not kilo-bits, according to web page), I guess they have enough io pins to solder usb and/or ether connectors to them. Plus, ARM Cortex-M cpu @80+ MHz. Very very cute, for me. It's a bit of overkill but I really dislike boards with 512 bytes of ram (what kind of compiler could I fit into this? binary lambda self interpreter, maybe, cool, but what else besides it - and how much could I use it for computing rather than led blinking, although leds could make it look sexier). :-)

Also, I myself would not use L4. No bad feelings about it but, sounds a bit too huge for this task, maybe? Since I don't know too much about all this stuff, I guess I'd start with C or Forth on bare metal. I had not enough time to make sure I could develop for it using Linux/BSD, since other OSes are no-no.

--
Regards,
Tomasz Rola

--
** A C programmer asked whether computer had Buddha's nature.      **
** As the answer, master did "rm -rif" on the programmer's home    **
** directory. And then the C programmer became enlightened...      **
**                                                                 **
** Tomasz Rola          mailto:tomasz_rola@bigfoot.com             **
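
The "interpret and serialize again" step from the quoted message, sketched in C as an added example (not code from either poster). The line-based `key=value` payload format, the size limits and the names `parse_line` and `sanitize` are assumptions chosen for illustration; the point is that the gateway forwards only bytes it has re-emitted from parsed fields, never the input as received.

```c
#include <stdio.h>
#include <string.h>

enum { MAX_KEY = 16, MAX_VAL = 64 };   /* assumed limits, not from the thread */

/* Interpret one line [p, end) as key=value; 0 on success, -1 to reject. */
static int parse_line(const char *p, const char *end, char *key, char *val) {
    size_t k = 0, v = 0;
    while (p < end && *p == ' ') p++;              /* leading blanks */
    while (p < end && *p != '=' && *p != ' ') {
        unsigned char c = (unsigned char)*p++;
        if (c >= 'A' && c <= 'Z') c = (unsigned char)(c - 'A' + 'a');
        int ok = (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '_';
        if (!ok || k >= MAX_KEY) return -1;
        key[k++] = (char)c;                        /* keys are lowercased */
    }
    while (p < end && *p == ' ') p++;
    if (k == 0 || p >= end || *p++ != '=') return -1;
    while (p < end && *p == ' ') p++;
    while (end > p && end[-1] == ' ') end--;       /* trailing blanks */
    for (; p < end; p++) {                         /* printable ASCII only */
        unsigned char c = (unsigned char)*p;
        if (c < 0x20 || c > 0x7e || v >= MAX_VAL) return -1;
        val[v++] = (char)c;
    }
    key[k] = val[v] = '\0';
    return 0;
}

/* Re-emit the whole message in canonical "key=value\n" form.
 * Returns the output length, or -1 if any line is rejected or out is too small. */
long sanitize(const char *in, size_t n, char *out, size_t cap) {
    const char *p = in, *stop = in + n;
    size_t used = 0;
    if (cap > 0) out[0] = '\0';
    while (p < stop) {
        const char *nl = memchr(p, '\n', (size_t)(stop - p));
        const char *end = nl ? nl : stop;
        char key[MAX_KEY + 1], val[MAX_VAL + 1];
        if (end > p && end[-1] == '\r') end--;     /* accept CRLF */
        if (end > p) {                             /* skip empty lines */
            if (parse_line(p, end, key, val) != 0) return -1;
            if (strlen(key) + strlen(val) + 2 >= cap - used) return -1;
            used += (size_t)sprintf(out + used, "%s=%s\n", key, val);
        }
        p = nl ? nl + 1 : stop;
    }
    return (long)used;
}
```

One bad line rejects the whole message, so the receiving machine never sees a partially sanitized payload.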