Raspberry pi safe?
Lodewijk andré de la porte
l at odewijk.nl
Fri Apr 17 00:02:47 PDT 2015
2015-04-15 18:05 GMT+09:00 Cathal (Phone) <cathalgarvey at cathalgarvey.me>:
> The SOC in a raspi is probably no worse than the rest,
This is what I'm most concerned about! I think the Intel platform is too
big to not be exploited (more or less) on the hardware level. I have a very
little better feeling about AMD but I don't think it's based on much.
The idea that ARM processors are much much smaller and therefore easier to
audit makes them less attractive exploit targets. That, and that they've
only recently come into use, are build by smaller companies, etc. When you
build a SOC around it, well, that's kind of asking for trouble!
The best avoidance method I've come up with so far is taking two units,
(bitbanging) I2C (or whatever) over the IO pins to do "networking" from one
to the other, connect one to the Internet and the other exclusively over
those IO pins. That way, whatever exploit is present is VERY unlikely to be
triggered. It's... still not 100% of course.. If the exploit is on the
relevant IO pins, well, it just might be trigger-able by manipulating the
network traffic. Maybe write high every so many bits just to meddle? It's
closer then anything else, anyway.
As for less paranoid exploits, you have to tell us the threat model! (the
cell shield will very likely be remote exploitable, but only by the really
bad goodies)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1861 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20150417/dddd812c/attachment-0002.txt>
More information about the cypherpunks
mailing list