Project

General

Profile

Feature #5631

Disable PCMCIA when unused at boot

Added by Tails about 6 years ago. Updated over 5 years ago.

Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
Code
Blueprint:
Starter:
No
Affected tool:

Description

I find pcmcia invaluable for wifi and card readers.

What would be gained by crippling it?

According to PCMCIA, 32bit PCMCIA gets DMA. This would be the main reason to disable it, I believe.

We discussed what usability vs. security balance we want.

See also disable expresscard? (#5828)

There was a demonstration where a pcmcia firewire card was inserted into a live running system, the host OS auto-installed it, and then the firewire-exploit was used on its firewire ports pcmcia already gets dma, and could be used in other unforeseen ways the 5 minute window looks like the best compromise

wait for protect against external bus memory forensics (#5451).


Related issues

Related to Tails - Feature #5828: Disable ExpressCard when it's unused at boot Confirmed
Related to Tails - Feature #5547: Deactivate PCMCIA, ExpressCard and FireWire if unused after 5 minutes Confirmed
Blocked by Tails - Feature #5451: Protect against external bus exploitation Confirmed 06/13/2015

History

#1 Updated by intrigeri about 6 years ago

  • Subject changed from disable pcmcia? to disable PCMCIA when unused at boot

#2 Updated by intrigeri about 6 years ago

  • Type of work changed from Wait to Code

#3 Updated by BitingBird over 5 years ago

  • Subject changed from disable PCMCIA when unused at boot to Disable PCMCIA when unused at boot
  • Starter set to No

#4 Updated by BitingBird almost 5 years ago

  • Related to Feature #5828: Disable ExpressCard when it's unused at boot added

#5 Updated by BitingBird almost 5 years ago

  • Related to Feature #5547: Deactivate PCMCIA, ExpressCard and FireWire if unused after 5 minutes added

Also available in: Atom PDF