are USB floppies toxic?

Tomasz Rola rtomek at ceti.pl
Thu Oct 30 08:21:28 PDT 2014 

On Wed, Oct 29, 2014 at 08:19:27PM +0100, Lodewijk andré de la porte wrote:
> These fail together, I'd call them equally safe. Using an unusual
> (and small) stack is safer as exploits would be more expensive to
> obtain.
> 
> Probably better to airgap by having a secure microkernel (L4, how
> are you?)  do the USB and another protocol (Ethernet for all I care)
> carry sanitized payload to the actual machine. Think of it as
> wearing a condom. Whatever the transferred payload is, making sure
> it's sanitized is vital and non-trivial. Probably would require
> interpreting and serializing it again, to unify the formatting.

USB condom, great name :-).

Last time I amused myself with such idea (say, few months ago), I
ended up reading specs of stm32f4 family of single board
microcontrollers, mostly because my local shop sells them. They have
like 1MB of flash, my fav has 192kB of ram (not sure, in one piece or
banks? and yes, it's kilo-bytes, not kilo-bits, according to web
page), I guess they have enough io pins to solder usb and/or ether
connectors to them. Plus, ARM Cortex-M cpu @80+ MHz. Very very cute,
for me.

It's a bit of overkill but I really dislike boards with 512 bytes of
ram (what kind of compiler could I fit into this? binary lambda self
interpreter, maybe, cool, but what else besides it - and how much
could I use it for computing rather than led blinking, although leds
could make it look sexier).

:-)

Also, I myself would not use L4. No bad feelings about it but, sounds
a bit too huge for this task, meybe? Since I don't know too much about
all this stuff, I guess I'd start with C or Forth on bare metal. I had
not enough time to make sure I could develop for it using Linux/BSD,
since other OSes are no-no.

-- 
Regards,
Tomasz Rola

--
** A C programmer asked whether computer had Buddha's nature.      **
** As the answer, master did "rm -rif" on the programmer's home    **
** directory. And then the C programmer became enlightened...      **
**                                                                 **
** Tomasz Rola          mailto:tomasz_rola at bigfoot.com             **

More information about the cypherpunks mailing list