Feature #5451

Protect against external bus exploitation

Added by Tails about 4 years ago. Updated 4 months ago.

Status:ConfirmedStart date:06/13/2015
Priority:NormalDue date:
Assignee:Dr_Whax% Done:

2%

Category:-
Target version:-
QA Check: Blueprint:

https://tails.boum.org/blueprint/protect_against_external_bus_memory_forensics

Feature Branch: Easy:No
Type of work:Code Affected tool:

Description

Team: DrWhax, ? (team mate)


Subtasks

Feature #5336: Test protection against external bus memory forensicsConfirmed

Feature #5463: Disable Thunderbolt?Confirmed

Feature #5850: Research security implications of thunderboltConfirmed

Feature #5547: Deactivate PCMCIA, ExpressCard and FireWire if unused after 5 minutesConfirmed

Feature #5580: Document protection against external bus memory forensicsConfirmed

Feature #9569: Research available protections against rogue USB devicesConfirmed

Feature #11581: Blacklist dangerous PCIe hotplugging modules that are not needed for supported use casesIn Progresscypherpunks


Related issues

Blocks Tails - Feature #5317: Disable FireWire DMA Confirmed
Blocks Tails - Feature #5631: Disable PCMCIA when unused at boot Confirmed
Blocks Tails - Feature #5828: Disable ExpressCard when it's unused at boot Confirmed

History

#1 Updated by intrigeri about 4 years ago

  • Type of work set to Code

Type of work: Code

#2 Updated by BitingBird about 3 years ago

  • Subject changed from protect against external bus memory forensics to Protect against external bus memory forensics
  • Easy set to No

#3 Updated by intrigeri about 2 years ago

  • Related to Feature #9569: Research available protections against rogue USB devices added

#4 Updated by sajolida almost 2 years ago

  • Description updated (diff)
  • Assignee set to Dr_Whax

#5 Updated by sajolida almost 2 years ago

  • Subject changed from Protect against external bus memory forensics to Protect against external bus exploitation
  • Target version changed from Hardening_M1 to 2016

#6 Updated by intrigeri over 1 year ago

  • Blocks deleted (Feature #5751: Support Bluetooth when it's used at boot)

#7 Updated by intrigeri 11 months ago

  • Target version deleted (2016)

(Removed from the roadmap during Tails summit 2016.)

#8 Updated by intrigeri 4 months ago

  • Related to deleted (Feature #9569: Research available protections against rogue USB devices)

#9 Updated by cypherpunks 4 months ago

Is there anything we can do about EDID without a kernel patch?

Also available in: Atom PDF