I've only read part way through, but good grief, you owe it to yourself to read this. Also, in retrospect, it seems obvious. Nonetheless...
Not having finished the article, one of my initial thoughts: I guess my thoughts and intuition were right. It's not time to throw away those optical disks (and drives), yet.
You don't connect new microcontrollers (of unknown provenance) into a main I/O bus every time you get data from somebody on optical disks. You always use the same set.
No, but they do have "I'm really a hub with a keyboard and a mouse (and a mass storage device) behind it". Or, if you go for simple but (too often) effective, "please autorun evil.exe". (Also, how well-secured do you think your USB stack is? It's been exposed to tons of shitty devices, of course, but proper attacks?)
Unless someone invests time into creating a safe, open-source USB passthrough device. I imagine it wouldn't be that hard to do for specific USB classes. It could even spot a "charge-mode" switch which cuts data lines as an option.
IIRC either the original Xbox or the Xbox 360 was sometimes modded/jailbroken by using a modified firmware for the internal DVD drive. Not exactly the same thing, but in the same vein.
I could definitely see it being easy to write bugs where verification code assumes that nominally read-only devices always return the same data for two subsequent reads of the same location, and then getting up to mischief by taking advantage of that assumption.
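The double-read assumption described in the comment above, as an added illustration that is not from the thread or from any project it mentions. The device class is a constructed stand-in for a nominally read-only medium whose controller answers the second read of the same block with different bytes; the expected digest and the sample contents are constructed values. It contrasts a verifier that hashes one read and then acts on a second read with one that hashes the exact buffer it goes on to use.

```python
import hashlib


class InconsistentReadOnlyDevice:
    """Constructed stand-in for a 'read-only' medium whose controller
    returns one set of bytes on the first read of a block and a
    different set on later reads (the assumption the comment warns about)."""

    def __init__(self, first_read: bytes, later_reads: bytes):
        self._first = first_read
        self._later = later_reads
        self._reads = 0

    def read_block(self) -> bytes:
        self._reads += 1
        return self._first if self._reads == 1 else self._later


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_then_reread(device, expected_digest: str) -> bytes:
    """Fragile pattern: hash the bytes from one read, then use the bytes
    from a separate read. Only safe if the device really is immutable."""
    if sha256_hex(device.read_block()) != expected_digest:
        raise ValueError("digest mismatch")
    return device.read_block()  # may not be what was just verified


def verify_and_use_same_buffer(device, expected_digest: str) -> bytes:
    """Hardened pattern: read once, verify that buffer, use that buffer.
    A second read is never consulted, so the device cannot swap content."""
    data = device.read_block()
    if sha256_hex(data) != expected_digest:
        raise ValueError("digest mismatch")
    return data


# Constructed sample contents: what the verifier expects, and what the
# device serves once verification has already passed.
TRUSTED_IMAGE = b"boot image v1 (constructed sample)"
SWAPPED_IMAGE = b"boot image v1 (constructed sample, altered)"
TRUSTED_DIGEST = sha256_hex(TRUSTED_IMAGE)


def demo():
    """Returns (what the fragile verifier hands back, what the hardened one does)."""
    fragile = verify_then_reread(
        InconsistentReadOnlyDevice(TRUSTED_IMAGE, SWAPPED_IMAGE), TRUSTED_DIGEST)
    hardened = verify_and_use_same_buffer(
        InconsistentReadOnlyDevice(TRUSTED_IMAGE, SWAPPED_IMAGE), TRUSTED_DIGEST)
    return fragile, hardened


if __name__ == "__main__":
    fragile, hardened = demo()
    print("fragile verifier used :", fragile)
    print("hardened verifier used:", hardened)
```

The hardened form is the same rule applied to any medium that runs its own firmware: treat every read as an untrusted response, and make the integrity decision on the bytes you are about to act on, not on a copy you assume the device will serve again unchanged.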
At least it's not the case that each inserted storage device (i.e. "disk" or "card", as opposed to "drive") necessarily includes arbitrary execution (Microsoft's "AutoRun/AutoPlay" and the like -- now more constrained if not disabled -- aside).
I'm not too concerned about the vulnerability but just amazed at the technology. Those tiny little microSD cards contain a microcontroller running at 100 MHz equivalent. Didn't ever really consider that.