
Inception - Root any machine over FireWire, Thunderbolt, others - rdn
http://www.breaknenter.org/projects/inception/
======
seldo
It seems like the root problem here, as in lots of security problems, is that
an assumption made early on is no longer valid (e.g. "this application only
runs on our LAN, so no need to protect against malicious actors"). In this case,
PCI was originally an internal technology -- adding a new PCI device involved
opening the case and plugging in a new card. Pluggable PCIe devices changed
that assumption, so things that were previously pretty safe (trusting a new
piece of hardware physically installed into the box) became unsafe (trusting a
random device plugged into the box).

~~~
AaronFriel
It's not even that - well, maybe a little bit that, but all pieces of hardware
with independent processors could theoretically own your machine. (Even,
theoretically, pieces of hardware that attach to your machine that only
emulate simple state machines could hijack your CPU and make a "weird
machine".)

The problem here is fundamentally one of performance - PCIe and other devices
cannot function efficiently without direct memory access. The only reason
FireWire was capable of the speeds it originally was, was because of DMA. USB
didn't have DMA (and still doesn't? I think..) and so for shuttling large
amounts of uncompressed data into the address space of a consuming
application, it was incredibly inefficient to involve the CPU.

PCI-Express and other buses followed a similar route - DMA is vastly superior
to every other way of transferring data.

Theoretically an I/O memory management unit with virtualization support could
protect your machine, but I don't know if any OSes and hardware combinations
actually _use_ that to protect the machine.

~~~
nine_k
The problem is not in DMA. The problem is that DMA is allowed across memory
protection, without authorization and _without user consent_.

I suppose it made sense when Macs and PCs ran single-user OSes on hardware
that lacked memory protection. Keeping the default behavior from that day is
not wise for, well, the last decade or so. (Fresh OSX seems to have changed
accordingly, as the tool's page mentions.)

~~~
yuliyp
You mean the problem with Direct Memory Access is that it's Direct? Memory
protection, authorization checks, and user consent are all implemented by the
CPU knowing which pieces of memory are what. If you use DMA you're just
writing to and reading from specific locations on the RAM chips, irrespective
of what the CPU wants you to do. RAM chips don't have ACLs; they'll do
whatever requests hit their pins.

~~~
Dylan16807
It's really easy to have direct access to a single range of memory and no
access outside of that range. It's also really easy to have somewhat more
complicated schemes. There is nothing inherently insecure about DMA. It's just
shoddy protocols and/or protocols used in unexpected ways.

~~~
reeses
This is another of those "people did it 100 years ago and now we have to
reinvent it" things. The Mark I would never have had this problem.

------
teddyh
This part was especially interesting:

 _Q: Isn’t FireWire a dying horse? Few laptops ship with FireWire ports these
days, which makes Inception a useless tool.

A: You can use any interface that expands the PCIe bus, for example PCMCIA,
ExpressCards, the new Thunderbolt interface and perhaps SD/IO to hotplug a
FireWire interface into the victim machine. The OS will install the necessary
drivers on the fly, even when the machine is locked._

~~~
userbinator
But this also has a positive side:

 _Ensure that FireWire drivers are present and not removed from the system_

In other words, if you don't have FireWire drivers installed, then this won't
do anything; another plus for not installing the drivers for those who have a
system with FireWire ports but never need to use them.

My laptop has both FireWire _and_ USB controllers disabled, the former because
I never use it and the latter because I almost never use it - and when I do, I
find it's not too much hassle to go into the Device Manager and enable the one
for the one port I intend to use. Another positive side-effect is that the USB
drivers seem to take a rather long time to initialise, so booting is much
faster without them.

~~~
Fasebook
These interfaces have DMA, they don't need drivers to interface with the
hardware.

~~~
Sanddancer
They do need a driver to set up which DMA channel to use, etc. While these
devices can go nuts once things are up and running, just plugging it in won't
do anything until the computer actually acknowledges it.

~~~
RexRollman
So, for example, if one builds a custom Linux kernel without support for
FireWire, then plugging in a FireWire controller would do nothing? It couldn't
access anything?

~~~
Sanddancer
Exactly. A PCI(e) device needs to ask things of the kernel for it to
initialize. Until it gets that info, it's just a motherboard warmer.

------
comex
Note that on newer processors, VT-d is supposed to entirely prevent this
attack on CPUs that support it (damn Intel), and OSes do use it [1]. I'm
curious whether anyone has tried to search for bugs in those implementations.

[1]
[https://developer.apple.com/library/mac/documentation/Hardwa...](https://developer.apple.com/library/mac/documentation/HardwareDrivers/Conceptual/ThunderboltDevGuide/DebuggingThunderboltDrivers/DebuggingThunderboltDrivers.html)

~~~
etc
It's worse than that. The processor might support VT-d, but your motherboard
chipset also has to support it. Even then, you might get a BIOS that doesn't
expose the necessary information. All of these things are subject to market
segmentation and other such unpleasantness.

In the end, unless you can coerce a DMAR table out of the machine, I'm not
sure how you can tell if the thing actually supports VT-d.
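Two facts the comments above keep coming back to are checkable from user space on Linux: whether a hot-pluggable DMA bus driver (FireWire, Thunderbolt) is loaded at all, which is what Sanddancer and userbinator discuss, and whether the firmware exposes a DMAR table and the kernel actually attached an IOMMU to it, which is etc's point. The following is an added example, not code from the thread or from the Inception project. It reads sysfs/proc-style files under a root directory, so it runs against a constructed tree offline and against a live host with `check("/")`; the module names and the sample file contents are assumptions.

```python
"""Read-only check of DMA exposure on a Linux host: bus drivers loaded vs IOMMU active.
Added example; module names and sample tree contents are constructed assumptions."""
import os
import re
import tempfile

# Mainline module names for hot-pluggable DMA-capable buses (assumption).
DMA_BUS_MODULES = ("firewire_ohci", "firewire_core", "thunderbolt")


def loaded_modules(proc_modules_text):
    """Module names from /proc/modules content: first field of each non-empty line."""
    return {line.split()[0] for line in proc_modules_text.splitlines() if line.strip()}


def dma_bus_drivers_loaded(proc_modules_text):
    """Sorted list of the DMA-capable bus drivers that are currently loaded."""
    present = loaded_modules(proc_modules_text)
    return sorted(m for m in DMA_BUS_MODULES if m in present)


def iommu_status(root="/"):
    """Three independent pieces of evidence, all visible to an unprivileged user:
    dmar_table    - sys/firmware/acpi/tables/DMAR exists: firmware exposes VT-d at all
    iommu_groups  - sys/kernel/iommu_groups is non-empty: the kernel attached an IOMMU
                    driver and is grouping devices behind it
    cmdline_flags - IOMMU-related boot parameters such as intel_iommu=on
    """
    dmar = os.path.exists(os.path.join(root, "sys/firmware/acpi/tables/DMAR"))
    groups_dir = os.path.join(root, "sys/kernel/iommu_groups")
    groups = os.path.isdir(groups_dir) and bool(os.listdir(groups_dir))
    cmdline = _read(os.path.join(root, "proc/cmdline"))
    flags = re.findall(r"\b(?:intel_iommu|amd_iommu|iommu)=\S+", cmdline)
    return {"dmar_table": dmar, "iommu_groups": groups, "cmdline_flags": flags}


def assess(drivers, iommu):
    """Fold the evidence into one state; an active IOMMU bounds DMA regardless of drivers."""
    if iommu["iommu_groups"]:
        return "iommu-active"   # hot-plugged devices only see what the OS maps for them
    if drivers:
        return "exposed"        # DMA bus driver present and no IOMMU protecting RAM
    return "driver-absent"      # nothing will initialise a hot-plugged controller


def check(root="/"):
    drivers = dma_bus_drivers_loaded(_read(os.path.join(root, "proc/modules")))
    iommu = iommu_status(root)
    return {"drivers": drivers, **iommu, "state": assess(drivers, iommu)}


def _read(path):
    if not os.path.exists(path):
        return ""
    with open(path) as fh:
        return fh.read()


def _write(path, data):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(data)


def build_sample_tree(root, with_iommu):
    """Constructed sysfs/proc tree for offline demonstration; not real host data."""
    os.makedirs(os.path.join(root, "sys/firmware/acpi/tables"), exist_ok=True)
    os.makedirs(os.path.join(root, "sys/kernel/iommu_groups"), exist_ok=True)
    cmdline = "BOOT_IMAGE=/vmlinuz root=/dev/sda2\n"
    if with_iommu:
        _write(os.path.join(root, "sys/firmware/acpi/tables/DMAR"), "DMAR")
        os.makedirs(os.path.join(root, "sys/kernel/iommu_groups/0"), exist_ok=True)
        cmdline = "BOOT_IMAGE=/vmlinuz root=/dev/sda2 intel_iommu=on iommu=pt\n"
    _write(os.path.join(root, "proc/cmdline"), cmdline)
    # /proc/modules layout: name size refcount dependencies state address (constructed)
    _write(os.path.join(root, "proc/modules"),
           "firewire_ohci 40960 0 - Live 0x0000000000000000\n"
           "firewire_core 69632 1 firewire_ohci, Live 0x0000000000000000\n"
           "ext4 700000 1 - Live 0x0000000000000000\n")


def demo(with_iommu):
    """Run check() against a constructed tree in a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp, with_iommu)
        return check(tmp)


if __name__ == "__main__":
    print(demo(True))    # state: iommu-active
    print(demo(False))   # state: exposed (FireWire modules loaded, no IOMMU)
    # On a real host: print(check("/"))
```

The DMAR table alone only says the firmware advertises VT-d; a populated `iommu_groups` is the sign the kernel is actually remapping DMA, which is why the verdict keys on that and not on the table or the boot flag.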

------
captainmuon
Wait, firewire devices are allowed to write to any address in memory they like
to? How ridiculous is that? Why is there no memory protection?

I wonder how to block this... It seems like it can only write to the lower 4
GB... RAM is cheap... so add an additional 4 GB and then modify the kernel to
load everything critical above the boundary?

~~~
nly
The fix is to fill the FireWire port with rubber cement.

~~~
alanh
May be effective against casual industrial espionage, but it’s a fat lot of
good that’s going to do if your computer was seized. It can’t be hard for a
forensics lab to get around that particular defense!

[http://www.youtube.com/watch?v=ynzcUw9wv0E#t=18](http://www.youtube.com/watch?v=ynzcUw9wv0E#t=18)
(where rubber cement is the leaf. Just go around it!)

------
userbinator
Nothing exciting here... if you have physical access, it's game over.

~~~
jedbrown
I asked about this just the other day because I use full-disk encryption, but
rarely shut the machine down (just sleep with screen lock). The responder was
fairly confident that this was not a concern, but Inception does not require
an implausible level of expertise to use, yet it would render my encryption
useless (assuming the driver is present).

[https://news.ycombinator.com/item?id=7113788](https://news.ycombinator.com/item?id=7113788)

A couple years ago, I chased down and tackled a guy who snatched my laptop on
the Blue Line in Chicago. The threat of laptop theft is real and I'd like to
mitigate the damage that would result without compromising my ability to work.

~~~
gizmo686
Even without this type of PCI attack, you still have to worry about a cold
boot attack. This is where the attacker quickly power-cycles the computer to
boot into another OS (or special purpose boot code), and performs a memory
dump. Oftentimes the power cycle happens quickly enough that useful amounts of data
remain in the RAM. This attack can be made more effective if you can get
physical access to the RAM and cool it.

As most (if not all) disk encryption programs store an expanded version of the
key in memory, there is significant redundancy to recover from the partially
lost data.

~~~
coldtea
> _This is where the attacker quickly power-cycles the computer to boot into
> another OS (or special purpose boot code), and performs a memory dump.
> Oftentimes the power cycle happens quickly enough that useful amounts of data
> remain in the RAM. This attack can be made more effective if you can get
> physical access to the RAM and cool it._

Has anybody ever done this to someone?

Outside of Bond movies?

~~~
gizmo686
[https://citp.princeton.edu/research/memory/](https://citp.princeton.edu/research/memory/)

A few years ago, I tried this on my own laptop. I didn't have any sort of full
disk encryption to test against, so I simply checked the RAM dump for
plaintext looking things. Without having cooled the RAM (or opened the
computer at all), there was a significant amount of meaningful plain-text. If
you are interested in actual data about how effective this is, you should
probably ignore my anecdote and look at the research paper in the above
link.

Given how easy this attack is for its effectiveness, I would be surprised if it
is not used.

------
Sanddancer
While this attack is a bit old, the proofs of concept remain, except you can
do more fun things with certain hardware released in the interim. For example,
Apple's FireWire display uses a Broadcom networking chip that is susceptible
to people writing malicious firmware for --
[http://esec-lab.sogeti.com/post/2010/11/21/Presentation-at-H...](http://esec-lab.sogeti.com/post/2010/11/21/Presentation-at-Hack.lu-%3A-Reversing-the-Broacom-NetExtreme-s-firmware)
. Fitting a malicious payload into the given
space may be a bit tough, but I imagine the intrepid hacker can do it with
style and flair.

------
runn1ng
(2011) should be added to the title; see the date of the comments below the
article.

------
drakaal
Couple of caveats. Many laptops have FireWire ports that are attached via USB
for cost reasons. These 1394 ports will do DV, and attached storage but are
not DMA.

Thunderbolt on Windows 8 has an option for Allow DMA by Default, or not. This
option is so that you can do a bit more prioritizing of your bandwidth.

Windows 8 also has a setting for "install new hardware automatically" which if
you disable you can only install hardware if you are logged in and click the
install button.

Windows 8 will also not allow you to install a new device if you are not
logged in as Admin, or you have the annoying UAC enabled.

So while Mac and some Linux systems will have this vulnerability because you
don't have to be an admin to have new hardware enabled if the drivers are on
the system, Windows should be safe unless you changed your rights.

On a corporate network with machines where the users run in least user
privilege, Windows 8, and Windows 7 users are safe.

------
kalleboo
> Don’t panic – if you are using FileVault2 and OS X Lion (10.7.2) and higher,
> the OS will automatically turn off DMA when locked – you’re still vulnerable
> to attacks when unlocked, though

So, not really a problem then?

~~~
robin_reala
Imagine a Thunderbolt display on a desk. The attacker builds a small box that
plugs into the firewire port on the back and exposes the port over wifi (or
runs a prewritten script). The target plugs in their computer to work and is
rooted.

~~~
tlarkworthy
Instead of that, I would sniff a supplied keyboard instead.

------
vezzy-fnord
This is relatively old. I first recall seeing it a few years ago.

~~~
jseliger
If so, why haven't Microsoft and Apple patched it?

~~~
AaronFriel
It isn't a software issue - it's a hardware issue. FireWire and these other
specifications require direct memory access. If you plug in a device and it
emulates something that requests DMA from the hardware, your machine can be
owned.

The solution is an IO memory management unit with virtualized access to
physical memory. I am not sure how you can actually enforce this to devices on
the bus though.

~~~
__david__
The solution is easier than that: only open up the appropriate buffers to DMA.
It doesn't need to be virtualized, it just needs to be bounds checked.

Maybe I'm spoiled by good hardware, but when I wrote FireWire drivers for
embedded systems, we didn't just open up DMA access to RAM willy-nilly.

I honestly don't know enough about OHCI to know what the hardware setup is
like, but I suspect it's just laziness.
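The contrast __david__ draws, a bus where any device can touch any byte versus a driver that opens only the buffers a device needs and bounds-checks every transfer, is small enough to model directly. The block below is an added example, not code from the thread, from the Inception project or from any OHCI driver; device names, addresses and the "disk key" bytes are invented. `OpenBus` is the unrestricted behaviour the thread attributes to FireWire; `WindowedBus` is the granted-window scheme, which in spirit is what an IOMMU enforces in hardware.

```python
"""Toy model of unrestricted DMA vs bounds-checked DMA windows. Added example;
all addresses, device names and data below are constructed."""

# Constructed layout: a disk-encryption key sits at 0x1000, a network receive
# buffer the driver legitimately wants the device to fill sits at 0x8000.
KEY_ADDR = 0x1000
KEY = b"constructed-disk-key-0123456789a"   # 32 bytes of stand-in key material
BUF_ADDR = 0x8000
BUF_LEN = 0x1000


class DmaFault(Exception):
    """A device transfer fell outside the windows the host granted it."""


class PhysicalMemory:
    def __init__(self, size):
        self.ram = bytearray(size)

    def _bounds(self, addr, n):
        if addr < 0 or n < 0 or addr + n > len(self.ram):
            raise IndexError(f"access {addr:#x}+{n} outside physical RAM")

    def read(self, addr, n):
        self._bounds(addr, n)
        return bytes(self.ram[addr:addr + n])

    def write(self, addr, data):
        self._bounds(addr, len(data))
        self.ram[addr:addr + len(data)] = data


class OpenBus:
    """Every device may read or write every byte of RAM: no policy at all."""
    def __init__(self, mem):
        self.mem = mem

    def device_read(self, dev, addr, n):
        return self.mem.read(addr, n)

    def device_write(self, dev, addr, data):
        self.mem.write(addr, data)


class WindowedBus:
    """The host driver grants each device explicit [base, base+length) windows
    with 'r'/'w' permissions; any transfer not wholly inside one window faults."""
    def __init__(self, mem):
        self.mem = mem
        self.windows = {}   # dev -> [(base, length, perms), ...]

    def grant(self, dev, base, length, perms):
        self.windows.setdefault(dev, []).append((base, length, perms))

    def revoke(self, dev):
        self.windows.pop(dev, None)

    def _check(self, dev, addr, n, perm):
        # A transfer must lie entirely within a single granted window. Spanning two
        # adjacent windows is rejected deliberately: conservative beats clever here.
        for base, length, perms in self.windows.get(dev, []):
            if perm in perms and base <= addr and n >= 0 and addr + n <= base + length:
                return
        raise DmaFault(f"{dev}: {perm} of {n} bytes at {addr:#x} outside granted windows")

    def device_read(self, dev, addr, n):
        self._check(dev, addr, n, "r")
        return self.mem.read(addr, n)

    def device_write(self, dev, addr, data):
        self._check(dev, addr, len(data), "w")
        self.mem.write(addr, data)


def attempt(fn, *args):
    """Run a transfer and report ('ok', result) or ('fault', message)."""
    try:
        return ("ok", fn(*args))
    except DmaFault as e:
        return ("fault", str(e))


def demo():
    mem = PhysicalMemory(0x10000)
    mem.write(KEY_ADDR, KEY)
    results = {}
    # Unrestricted bus: the device simply reads the key out of RAM.
    results["open_reads_key"] = attempt(OpenBus(mem).device_read, "fw0", KEY_ADDR, len(KEY))
    # Windowed bus: the driver opens only the receive buffer, read/write.
    bus = WindowedBus(mem)
    bus.grant("fw0", BUF_ADDR, BUF_LEN, "rw")
    results["win_reads_key"] = attempt(bus.device_read, "fw0", KEY_ADDR, len(KEY))
    results["win_writes_buf"] = attempt(bus.device_write, "fw0", BUF_ADDR, b"packet")
    # Off-by-a-few overrun past the end of the buffer is caught by the bounds check.
    results["win_overruns_buf"] = attempt(bus.device_write, "fw0", BUF_ADDR + BUF_LEN - 2, b"packet")
    bus.revoke("fw0")   # e.g. device unplugged or transfer complete
    results["after_revoke"] = attempt(bus.device_read, "fw0", BUF_ADDR, 4)
    results["buffer_now"] = mem.read(BUF_ADDR, 6)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:18} {outcome}")
```

The check is four comparisons per window, which is the point __david__ makes: nothing here needs address virtualisation, only a driver that refuses to hand out "all of RAM" as the window.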

------
ballard
0. Is there a way to disable FireWire and Thunderbolt ports on OSX?

1. Is there yet any I/O firewall like Little Snitch or Hands Off! are for
files and network?

2. Linux and Windows also desperately need I/O firewalls.

~~~
mike-cardwell
[http://www.hermann-uwe.de/blog/physical-memory-attacks-via-f...](http://www.hermann-uwe.de/blog/physical-memory-attacks-via-firewire-dma-part-1-overview-and-mitigation)

------
alanh
_OS X: Don’t panic – if you are using FileVault2 and OS X Lion (10.7.2) and
higher, the OS will automatically turn off DMA when locked – you’re still
vulnerable to attacks when unlocked, though_

Phew.

------
almosnow
Awesome work, loved the name

