Linked by Thom Holwerda on Wed 1st Jan 2014 19:11 UTC, submitted by jockm
Privacy, Security, Encryption

Remember when I wrote about how your mobile phone runs two operating systems, one of which is a black box we know and understand little about, ripe for vulnerabilities? As many rightfully pointed out in the comments - it's not just mobile phones that have tiny processors for specific tasks embedded in them. As it turns out, memory cards have microprocessors though - and yes, they can be cracked for remote code execution too.

Today at the Chaos Computer Congress (30C3), xobs and I disclosed a finding that some SD cards contain vulnerabilities that allow arbitrary code execution - on the memory card itself. On the dark side, code execution on the memory card enables a class of MITM (man-in-the-middle) attacks, where the card seems to be behaving one way, but in fact it does something else. On the light side, it also enables the possibility for hardware enthusiasts to gain access to a very cheap and ubiquitous source of microcontrollers.

There's so much computing power hidden in the dark.

Thread beginning with comment 579813
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Where's the story?
by DeepThought on Fri 3rd Jan 2014 07:29 UTC in reply to "RE[2]: Where's the story?"
DeepThought
Member since:
2010-07-17

Most checksummed filesystems will already defeat such an attempt, though it always helps to use some crypto-secure hash algorithm.


Right, Didn't think of this. So the malware must know the filesystem.

Is NTFS checksummed?

Reply Parent Score: 1

RE[4]: Where's the story?
by saso on Fri 3rd Jan 2014 10:33 in reply to "RE[3]: Where's the story?"
saso Member since:
2007-04-18

Is NTFS checksummed?

No, it isn't. However, speaking about SD cards, the most common case of executable code being loaded onto these is when they serve as storage expansion in mobile devices, which employ code signing.

Reply Parent Score: 2

RE[5]: Where's the story?
by DeepThought on Fri 3rd Jan 2014 10:59 in reply to "RE[4]: Where's the story?"
DeepThought Member since:
2010-07-17

"Is NTFS checksummed?

No, it isn't. However, speaking about SD cards, the most common case of executable code being loaded onto these is when they serve as storage expansion in mobile devices, which employ code signing.
"

"the most common case"? Well, I would not sign this statement. Anyway a quick search revealed that e.g. Siemesn PLCs use MMC cards. So, wonder how Stuxx came onto those PLCs? Maybe via a hacked MMC card.

Does Siemens use code-signing? I doubt it.

Reply Parent Score: 2