are USB floppies toxic?
We know USB flash is is Biosafety 4, what about other sneaker-net suitable storage media? USB floppies are still around, as well as media, which are write-protectable. How easy to hop the air gap with these?
How hard would it be to scratch a trace or two off a USB drive to render it read-only and protect the chip from BadBIOS-style flashing? I think USB floppy is just separating the storage from the drivers, but ultimately changes nothing. On 29 October 2014 14:56:41 GMT+00:00, Eugen Leitl <eugen@leitl.org> wrote:
We know USB flash is is Biosafety 4, what about other sneaker-net suitable storage media? USB floppies are still around, as well as media, which are write-protectable.
How easy to hop the air gap with these?
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
These fail together, I'd call them equally safe. Using an unusual (and small) stack is safer as exploits would be more expensive to obtain. Probably better to airgap by having a secure microkernel (L4, how are you?) do the USB and another protocol (Ethernet for all I care) carry sanitized payload to the actual machine. Think of it as wearing a condom. Whatever the transferred payload is, making sure it's sanitized is vital and non-trivial. Probably would require interpreting and serializing it again, to unify the formatting.
On Wed, Oct 29, 2014 at 08:19:27PM +0100, Lodewijk andré de la porte wrote:
These fail together, I'd call them equally safe. Using an unusual (and small) stack is safer as exploits would be more expensive to obtain.
Probably better to airgap by having a secure microkernel (L4, how are you?) do the USB and another protocol (Ethernet for all I care) carry sanitized payload to the actual machine. Think of it as wearing a condom. Whatever the transferred payload is, making sure it's sanitized is vital and non-trivial. Probably would require interpreting and serializing it again, to unify the formatting.
USB condom, great name :-). Last time I amused myself with such idea (say, few months ago), I ended up reading specs of stm32f4 family of single board microcontrollers, mostly because my local shop sells them. They have like 1MB of flash, my fav has 192kB of ram (not sure, in one piece or banks? and yes, it's kilo-bytes, not kilo-bits, according to web page), I guess they have enough io pins to solder usb and/or ether connectors to them. Plus, ARM Cortex-M cpu @80+ MHz. Very very cute, for me. It's a bit of overkill but I really dislike boards with 512 bytes of ram (what kind of compiler could I fit into this? binary lambda self interpreter, maybe, cool, but what else besides it - and how much could I use it for computing rather than led blinking, although leds could make it look sexier). :-) Also, I myself would not use L4. No bad feelings about it but, sounds a bit too huge for this task, meybe? Since I don't know too much about all this stuff, I guess I'd start with C or Forth on bare metal. I had not enough time to make sure I could develop for it using Linux/BSD, since other OSes are no-no. -- Regards, Tomasz Rola -- ** A C programmer asked whether computer had Buddha's nature. ** ** As the answer, master did "rm -rif" on the programmer's home ** ** directory. And then the C programmer became enlightened... ** ** ** ** Tomasz Rola mailto:tomasz_rola@bigfoot.com **
2014-10-30 16:21 GMT+01:00 Tomasz Rola <rtomek@ceti.pl>:
Also, I myself would not use L4. No bad feelings about it but, sounds a bit too huge for this task, meybe? Since I don't know too much about all this stuff, I guess I'd start with C or Forth on bare metal. I had not enough time to make sure I could develop for it using Linux/BSD, since other OSes are no-no.
For me the reason for a kernel is existing drivers and a proven infrastructure. You want to make the protocol and data as non-native as possible, change it around as much as you can, to remove potential exploits. There's just too many exploits though :(... No way to protect against an exploited PDF, unless you want to reformat the PDF's (maybe into JPG?). You could theoretically do that on the fly with L4, but with bare-metal you'd be hurting yourself a lot. Which also brings us back to Eugen, Eugen, for what is USB flash Biosafety 4? What do you want to do with these drives? Just moving data in, without moving data out? Or just preventing some magical build-into-the-chipset exploits (like is possible with Firewire)? All of those could be brought with an L4-running device with USB and another protocol, allowing better connectivity, too. But depending on the threat model, less might be enough (or more!). I think an air-gap is supposed to be gapped both ways. one could create a purpose-specific data format, that can be re-interpreted by the software running on the L4 device. Then, when transferring a file, the L4 device will read the stuff from the USB, reinterpret it to ensure correct formatting, write it out to the other side in whatever way chosen. Depending on volume it might be feasible to transfer manually, just mash it into a (radiation isolated!) keyboard.
On Thu, Oct 30, 2014 at 05:01:28PM +0100, Lodewijk andré de la porte wrote:
2014-10-30 16:21 GMT+01:00 Tomasz Rola <rtomek@ceti.pl>:
Also, I myself would not use L4. No bad feelings about it but, sounds a bit too huge for this task, meybe? Since I don't know too much about all this stuff, I guess I'd start with C or Forth on bare metal. I had not enough time to make sure I could develop for it using Linux/BSD, since other OSes are no-no.
For me the reason for a kernel is existing drivers and a proven infrastructure. You want to make the protocol and data as non-native as possible, change it around as much as you can, to remove potential exploits. There's just too many exploits though :(... No way to protect against an exploited PDF, unless you want to reformat the PDF's (maybe into JPG?). You could theoretically do that on the fly with L4, but with bare-metal you'd be hurting yourself a lot.
Oh I see. Using L4 makes sense then. But, if concern goes as far as files prepared with hostile intent, I again mused myself once (what a muser I am) with idea of filtering this stuff through software/converter running on non-386 emulator, like PDP-10 (simh or something, running TOPS-* is optional), vax (again simh, some modern bsd should fit) or even S/380 (modified Hercules emulator, modern variation on S360 mainframe, hobby project, gnu software ported to MVS/380 which itself descends from one commercial mainframe os, which at one point of time became public domain - if memory serves, of course). Since those are all musings and no hard work, I cannot claim any kind of success or if this makes any sense or not at all. Seems doable, requires time and reading some old manuals written on typewriter and scanned, and the font is ugly and scales poorly on 6'' ebook reader... -- Regards, Tomasz Rola -- ** A C programmer asked whether computer had Buddha's nature. ** ** As the answer, master did "rm -rif" on the programmer's home ** ** directory. And then the C programmer became enlightened... ** ** ** ** Tomasz Rola mailto:tomasz_rola@bigfoot.com **
On Thu, Oct 30, 2014 at 3:21 PM, Tomasz Rola <rtomek@ceti.pl> wrote:
USB condom, great name :-).
http://syncstop.com/ - there was an open hardware version of this somewhere, but maybe all that went away when they got a new name and a hipster website ... not for the purpose you are discussing but still useful.
mroq qorm <mroqorm@gmail.com> writes:
On Thu, Oct 30, 2014 at 3:21 PM, Tomasz Rola <rtomek@ceti.pl> wrote:
USB condom, great name :-). http://syncstop.com/ - there was an open hardware version of this somewhere, but maybe all that went away when they got a new name and a hipster website ... not for the purpose you are discussing but still useful.
More generally, search for "charge only usb cable" and you'll find lots of things like this, e.g: http://www.ebay.com/itm/2M-6ft-LONG-THICK-Fast-Charging-ONLY-USB-Cable-WHITE-4-iPad-Air-2-mini-3-Retina-/291161982615?pt=US_Tablet_eReader_Chargers_Sync_Cables&hash=item43ca9b4697 http://www.ebay.com/itm/High-Speed-Charge-Only-Micro-USB-Charging-Cable-Android-Quality-Fast-Charger-/221266793926?pt=UK_MobilePhones_MobilePhoneAccessories_MobilePhoneChargers&hash=item33848755c6 http://www.ebay.com/itm/GYRRH-Micro-USB-Power-Charge-Only-Cable-3ft-91cm-Yellow-/131304066524?pt=US_USB_Cables_Hubs_Adapters&hash=item1e92550ddc Something like this, $1.99 including shipping: http://www.ebay.com/itm/Micro-USB-2-0-Charging-Charge-Only-Cable-For-Samsung-Galaxy-HTC-Nexus-Android-63-/111283024587?pt=US_Cell_Phone_PDA_Cables_Adapters&var=&hash=item19e8fc32cb is great for carrying around for charging your phone when you're travelling, just mark it in some way so you don't get frustrated when you can't sync your phone with it... Peter.
I use surge protector wall outlets that have USB ports in them to charge my phones: http://www.amazon.com/gp/aw/d/B00ATZJ606/ref=mp_s_a_1_1/175-6650613-8456264?qid=1414724024&sr=8-1 There are travel versions that are handy too. I partly got these as an alternative to traditional long surge protectors and have found them to be really useful at conferences and coffee shops. ~ Griffin On October 30, 2014 8:37:27 PM EST, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:
mroq qorm <mroqorm@gmail.com> writes:
On Thu, Oct 30, 2014 at 3:21 PM, Tomasz Rola <rtomek@ceti.pl> wrote:
USB condom, great name :-). http://syncstop.com/ - there was an open hardware version of this somewhere, but maybe all that went away when they got a new name and a hipster website ... not for the purpose you are discussing but still useful.
More generally, search for "charge only usb cable" and you'll find lots of things like this, e.g:
http://www.ebay.com/itm/2M-6ft-LONG-THICK-Fast-Charging-ONLY-USB-Cable-WHITE-4-iPad-Air-2-mini-3-Retina-/291161982615?pt=US_Tablet_eReader_Chargers_Sync_Cables&hash=item43ca9b4697 http://www.ebay.com/itm/High-Speed-Charge-Only-Micro-USB-Charging-Cable-Android-Quality-Fast-Charger-/221266793926?pt=UK_MobilePhones_MobilePhoneAccessories_MobilePhoneChargers&hash=item33848755c6 http://www.ebay.com/itm/GYRRH-Micro-USB-Power-Charge-Only-Cable-3ft-91cm-Yellow-/131304066524?pt=US_USB_Cables_Hubs_Adapters&hash=item1e92550ddc
Something like this, $1.99 including shipping:
is great for carrying around for charging your phone when you're travelling, just mark it in some way so you don't get frustrated when you can't sync your phone with it...
Peter.
With respect to
More generally, search for "charge only usb cable" ...
at the other end of the spectrum, more or less, see the following. --dan -----------------8<------------cut-here------------8<----------------- kapricasecurity.com/skorpion Being secure is as easy as charging your phone. Simply connect your Android device to the Skorpion charger and it will be scanned for malware, viruses, and malicious rootkits while it charges. * Cutting edge security Ensure mobile device integrity with Kaprica's leading edge innovation. Nation-state quality technology can now be yours. * Clear scan results LED indicator lights let you know if risks have been detected or if your device is clean. A green light means no problems - a red one means trouble. * Part of your daily routine Scan whenever you need to charge - no hassle of extra steps or additional software. High level technology at your fingertips. How does it work? The Kaprica charger is a three-step system that happens automatically without any user interaction. * 01 Quick Scan In as little as 2 minutes you'll know if your mobile device has been infected with malware. * 02 Deep Scan In as little as 6 minutes, a deep scan reveals malicious changes to your OS. * 03 Report Scan Results Our web interface quickly and quietly identifies and reports on any malicious content and the cleanliness of your mobile device. Extensive reporting and interactive dashboard for enterprise-level IT administrators. Data collected by the Skorpion charger is sent back to Kaprica's servers and clearly displayed in the administrative dashboard.
On Sun, Nov 02, 2014 at 08:32:51PM -0500, dan@geer.org wrote:
With respect to
More generally, search for "charge only usb cable" ...
at the other end of the spectrum, more or less, see the following.
I couldn't read the quoted text in my browsers. Do they offer moneyback guarantee? Do they offer the protection their device isn't infected by unknown, well, vectors/surfaces/curves/groups/etc.? -- 10x
--dan
-----------------8<------------cut-here------------8<-----------------
kapricasecurity.com/skorpion
Being secure is as easy as charging your phone.
Simply connect your Android device to the Skorpion charger and it will be scanned for malware, viruses, and malicious rootkits while it charges.
* Cutting edge security Ensure mobile device integrity with Kaprica's leading edge innovation. Nation-state quality technology can now be yours.
* Clear scan results LED indicator lights let you know if risks have been detected or if your device is clean. A green light means no problems - a red one means trouble.
* Part of your daily routine Scan whenever you need to charge - no hassle of extra steps or additional software. High level technology at your fingertips.
How does it work?
The Kaprica charger is a three-step system that happens automatically without any user interaction.
* 01 Quick Scan In as little as 2 minutes you'll know if your mobile device has been infected with malware.
* 02 Deep Scan In as little as 6 minutes, a deep scan reveals malicious changes to your OS.
* 03 Report Scan Results Our web interface quickly and quietly identifies and reports on any malicious content and the cleanliness of your mobile device.
Extensive reporting and interactive dashboard for enterprise-level IT administrators.
Data collected by the Skorpion charger is sent back to Kaprica's servers and clearly displayed in the administrative dashboard.
participants (9)
-
Cathal (Phone) -
dan@geer.org -
Eugen Leitl -
Georgi Guninski -
Griffin Boyce -
Lodewijk andré de la porte -
mroq qorm -
Peter Gutmann -
Tomasz Rola