Delivery-Date: Thu, 23 Jul 2015 05:27:54 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,FROM_LOCAL_NOVOWEL,HK_RANDOM_FROM,RCVD_IN_DNSWL_MED,
	T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 37F371E03AA;
	Thu, 23 Jul 2015 05:27:53 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 1D0CF35F75;
	Thu, 23 Jul 2015 09:27:47 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 5884735EB8
 for <tor-talk@lists.torproject.org>; Thu, 23 Jul 2015 09:27:43 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 5ZZEmpiP0V3R for <tor-talk@lists.torproject.org>;
 Thu, 23 Jul 2015 09:27:43 +0000 (UTC)
Received: from mail-pd0-x234.google.com (mail-pd0-x234.google.com
 [IPv6:2607:f8b0:400e:c02::234])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 25A6B35DB9
 for <tor-talk@lists.torproject.org>; Thu, 23 Jul 2015 09:27:43 +0000 (UTC)
Received: by pdbnt7 with SMTP id nt7so83373305pdb.0
 for <tor-talk@lists.torproject.org>; Thu, 23 Jul 2015 02:27:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=+cRMdRPxoNbR2VQuR5JGWWAXyZY0Jc3voErW8cvkxpk=;
 b=zw5iE4L2h9ooYyyjV4w6QpV+7uJSwSDbDAnt7FWUhYMIJgAMzeQWTutuWuX+ZTiBZj
 TPeCsG1yVJLlFPt8BpI6wdo8OJl3Ygo9rhdEgHK6+QCwFKF/WCDlaJPcYaJMkIafXdh/
 ahnUiOgvCmeiLyhkNEg8oEi9Fh6m/cY9zxUi+5nzEM1UYgE/0Gt42Ctm0wDWwP/Q51lJ
 pnw4SauQWzWwQpjeJ7J1RDnarUSTfikXzIi+uHuKzGSWgB23E3amRWnn9iKysD88AMw6
 QpEbrE9sTb90mn4pPv0CXq0dr8JQ5nsj9KKBPY4n/Gyu3jzZC2l4GaIe2vvE/XDN9Tnf
 izsQ==
MIME-Version: 1.0
X-Received: by 10.66.244.67 with SMTP id xe3mr16485469pac.110.1437643660531;
 Thu, 23 Jul 2015 02:27:40 -0700 (PDT)
Received: by 10.70.131.8 with HTTP; Thu, 23 Jul 2015 02:27:40 -0700 (PDT)
Received: by 10.70.131.8 with HTTP; Thu, 23 Jul 2015 02:27:40 -0700 (PDT)
In-Reply-To: <20150723061325.GC10309@inner.h.apk.li>
References: <55AEE999.5040003@torservers.net>
 <CAFggDF2jAdnHdBdBmATqZSezkG3k+SeOGKGqJOXTAp2yGKGKrQ@mail.gmail.com>
 <55AF76C3.6010408@enn.lu>
 <CAAgxajHNFcog0=VRP_tUdTgLU=gYUX1m5qjxBXatE=z-0FWAzg@mail.gmail.com>
 <CAFggDF1Ssa0MdO6DitnX52t9c44D7zrMc7Ry09Za8zGHbdWXjg@mail.gmail.com>
 <CAAgxajHf3kZ+Pvm-_97FJUEJQ6z=B0sKabyaAqCjdHEK4ESiTg@mail.gmail.com>
 <20150723102537.46534217@natsu>
 <20150723061325.GC10309@inner.h.apk.li>
Date: Thu, 23 Jul 2015 02:27:40 -0700
Message-ID: <CAAgxajGGWVGrcHXUFEQ0GcC-9cYWXZvfidfi6aKugdH6KkEV-Q@mail.gmail.com>
From: Apple Apple <djjdjdjdjdjdjd32@gmail.com>
To: tor-talk@lists.torproject.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] USB Sticks for Tails -> CCCamp
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On 23 Jul 2015 06:25, "Roman Mamedov" <rm@romanrm.net> wrote:
> USB host controllers by themselves are not known to have any
reprogrammable

Interesting that Jacob gets a completely different standard of proof to me
but fine, I'll look into it. On the one hand USB is not a trivial protocol,
otherwise USB sticks wouldn't have microcontrollers. On the other hand
everything still goes through the CPU which is why USB is so much slower
than DMA alternatives. You might be right but forgive me for not taking
your word on it.

> However I have to wonder on what is your threat scenario that you cannot
trust
> a random anonymously bought off-the-shelf DVD drive.

I don't think it is just that. Even if it is clean on purchase, after a
compromised Tails session it is theoretically a place to hide malicious
code to subsequently comprimise all future sessions.

I agree this is a radically different threat model. Tampering with the
Tails kernel or rootfilesystem at rest on a USB stick and tampering with
device firmware are completely different ballparks.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

