[tor-talk] USB Sticks for Tails -> CCCamp

Apple Apple djjdjdjdjdjdjd32 at gmail.com
Thu Jul 23 09:27:40 UTC 2015


On 23 Jul 2015 06:25, "Roman Mamedov" <rm at romanrm.net> wrote:
> USB host controllers by themselves are not known to have any
reprogrammable

Interesting that Jacob gets a completely different standard of proof to me
but fine, I'll look into it. On the one hand USB is not a trivial protocol,
otherwise USB sticks wouldn't have microcontrollers. On the other hand
everything still goes through the CPU which is why USB is so much slower
than DMA alternatives. You might be right but forgive me for not taking
your word on it.

> However I have to wonder on what is your threat scenario that you cannot
trust
> a random anonymously bought off-the-shelf DVD drive.

I don't think it is just that. Even if it is clean on purchase, after a
compromised Tails session it is theoretically a place to hide malicious
code to subsequently comprimise all future sessions.

I agree this is a radically different threat model. Tampering with the
Tails kernel or rootfilesystem at rest on a USB stick and tampering with
device firmware are completely different ballparks.


More information about the tor-talk mailing list