
Exploiting Network Cards - davidw
http://www.links.org/?p=330
======
gaika
Remember how in "a Fire upon the Deep" a ship carrying countermeasure that was
taken out by the Blight? Latest openssl / debian fiasco and bugs like this
show just how trivial it must be for a powerful adversary.

------
wmf
Wow, that is impressively evil. Maybe that's why vendors don't want to open
their firmware.

------
ajross
I'm not quite sure I see the real threat here. Barring remotely exploitable
firmware bugs, this family of exploits requires access to the hardware. No
security model anywhere can protect a machine from an attacker with physical
access...

~~~
tb
From the OP:

2) as an extension to 1) above it is amazing to discover how simply firmware
can be updated over the wire on specific NICs,

~~~
noonespecial
_on specific NICs_.

This is very important. The rich virus ecosystem that developed in windows did
so because all windows installs are essentially the same.

Attacks on your NIC in not something I'd lose sleep over simply because there
are so darn many nics. I have enough trouble simply getting the authorized
drivers to run on a dozen nics _of the same model number_ consistently. How
much harder would it be to get an exploit to run over the wire on all but the
tiniest fraction of installed nics.

