diff options
Diffstat (limited to 'docs/hardware')
| -rw-r--r-- | docs/hardware/dock.md | 151 | ||||
| -rw-r--r-- | docs/hardware/index.md | 51 | ||||
| -rw-r--r-- | docs/hardware/t60_heatsink.md | 112 | ||||
| -rw-r--r-- | docs/hardware/t60_lcd_15.md | 80 | ||||
| -rw-r--r-- | docs/hardware/t60_security.md | 362 | ||||
| -rw-r--r-- | docs/hardware/x60_heatsink.md | 133 | ||||
| -rw-r--r-- | docs/hardware/x60_keyboard.md | 54 | ||||
| -rw-r--r-- | docs/hardware/x60_lcd_change.md | 48 | ||||
| -rw-r--r-- | docs/hardware/x60_security.md | 273 |
9 files changed, 0 insertions, 1264 deletions
diff --git a/docs/hardware/dock.md b/docs/hardware/dock.md deleted file mode 100644 index d5f694ac..00000000 --- a/docs/hardware/dock.md +++ /dev/null @@ -1,151 +0,0 @@ -% Notes about DMA and the docking station (X60/T60) - - Use case: - --------- - Usually when people do full disk encryption, it's not really full disk, - instead they still have a /boot in clear. - - So an evil maid attack can still be done, in two passes: - 1) Clone the hdd, Infect the initramfs or the kernel. - 2) Wait for the user to enter its password, recover the password, - luksOpen the hdd image. - - I wanted a real full-disk encryption so I've put grub in flash and I - have the following: The HDD has a LUKS rootfs(containing /boot) on an - lvm partition, so no partition is in clear. - - So when the computer boots it executes coreboot, then grub as a payload. - Grub then opens the LUKS partition and loads the kernel and initramfs - from there. - - To prevent hardware level tempering(like reflashing), I used nail - polish with a lot of gilder, that acts like a seal. Then a high - resolution picture of it is taken, to be able to tell the difference. - - The problem: - ------------ - But then comes the docking port issue: Some LPC pins are exported - there, such as the CLKRUN and LDRQ#. - - LDRQ# is "Encoded DMA/Bus Master Request": "Only needed by - peripherals that need DMA or bus mastering. Requires an - individual signal per peripheral. Peripherals may not share - an LDRQ# signal." - - So now DMA access is possible trough the dock connector. - So I want to be able to turn that off. - - If I got it right, the X60 has 2 superio, one is in the dock, and the - other one is in the laptop, so we have: - ________________ - _________________ | | - | | | Dock connector:| - |Dock: NSC pc87982|<--LPC--->D_LPC_DREQ0 | - |_________________| |_______^________| - | - | - | - | - ___________________|____ - | v | - | SuperIO: DLDRQ# | - | NSC pc87382 LDRQ# | - |___________________^____| - | - | - | - | - ___________________|___ - | v | - | Southbridge: LDRQ0 | - | ICH7 | - |_______________________| - - The code: - --------- - Now if I look at the existing code, there is some superio drivers, like - pc87382 in src/superio/nsc, the code is very small. - The only interesting part is the pnp_info pnp_dev_info struct. - - Now if I look inside src/mainboard/lenovo/x60 there is some more - complete dock driver: - - Inside dock.c I see some dock_connect and dock_disconnect functions. - - Such functions are called during the initialisation (romstage.c) and - from the X60 SMI handler (smihandler.c). - - Questions: - ---------- - 1) Would the following be sufficent to prevent DMA access from the - outside: - > int dock_connect(void) - > { - > int timeout = 1000; - > + int val; - > + - > + if (get_option(&val, "dock") != CB_SUCCESS) - > + val = 1; - > + if (val == 0) - > + return 0; - > [...] - > } - > - > void dock_disconnect(void) { - > + if (dock_present()) - > + return; - > [...] - > } - 2) Would an nvram option be ok for that? Should a Kconfig option be - added too? - - > config DOCK_AUTODETECT - > bool "Autodetect" - > help - > The dock is autodetected. If unsure select this option. - > - > config DOCK_DISABLED - > bool "Disabled" - > help - > The dock is always disabled. - > - > config DOCK_NVRAM_ENABLE - > bool "Nvram" - > help - > The dock autodetection is tried only if it is also enabled - > trough nvram. - -Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\ -Permission is granted to copy, distribute and/or modify this document -under the terms of the Creative Commons Attribution-ShareAlike 4.0 -International license or any later version published by Creative -Commons; A copy of the license can be found at -[../cc-by-sa-4.0.txt](../cc-by-sa-4.0.txt) - -Updated versions of the license (when available) can be found at -<https://creativecommons.org/licenses/by-sa/4.0/legalcode> - -UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE EXTENT -POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS AND -AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND -CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, IMPLIED, STATUTORY, -OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, WARRANTIES OF TITLE, -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, -ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OR ABSENCE -OF ERRORS, WHETHER OR NOT KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF -WARRANTIES ARE NOT ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT -APPLY TO YOU. - -TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU -ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE) OR -OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, -PUNITIVE, EXEMPLARY, OR OTHER LOSSES, COSTS, EXPENSES, OR DAMAGES -ARISING OUT OF THIS PUBLIC LICENSE OR USE OF THE LICENSED MATERIAL, EVEN -IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES, -COSTS, EXPENSES, OR DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT -ALLOWED IN FULL OR IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - -The disclaimer of warranties and limitation of liability provided above -shall be interpreted in a manner that, to the extent possible, most -closely approximates an absolute disclaimer and waiver of all liability. - diff --git a/docs/hardware/index.md b/docs/hardware/index.md deleted file mode 100644 index c864b9db..00000000 --- a/docs/hardware/index.md +++ /dev/null @@ -1,51 +0,0 @@ -% Hardware modifications - -This section relates to hardware maintenance on supported targets. - -[Back to previous index](../). - -- [ThinkPad X60/X60s/X60T: Change keyboard](x60_keyboard.html) (the - procedure on X200/X200S/X200T is almost identical) - -- [ThinkPad X60/X60S: change the fan/heatsink](x60_heatsink.html) -- [ThinkPad X60/X60s: How to change the LCD - panel](x60_lcd_change.html) (incomplete. pics only for now) -- [ThinkPad T60 15.1" changing LCD panel](t60_lcd_15.html) -- [ThinkPad T60: change the fan/heatsink](t60_heatsink.html) -- [ThinkPad X60/X60S: hardware security](x60_security.html) -- [ThinkPad T60: hardware security](t60_security.html) - -Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\ -Permission is granted to copy, distribute and/or modify this document -under the terms of the Creative Commons Attribution-ShareAlike 4.0 -International license or any later version published by Creative -Commons; A copy of the license can be found at -[../cc-by-sa-4.0.txt](../cc-by-sa-4.0.txt) - -Updated versions of the license (when available) can be found at -<https://creativecommons.org/licenses/by-sa/4.0/legalcode> - -UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE EXTENT -POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS AND -AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND -CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, IMPLIED, STATUTORY, -OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, WARRANTIES OF TITLE, -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, -ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OR ABSENCE -OF ERRORS, WHETHER OR NOT KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF -WARRANTIES ARE NOT ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT -APPLY TO YOU. - -TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU -ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE) OR -OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, -PUNITIVE, EXEMPLARY, OR OTHER LOSSES, COSTS, EXPENSES, OR DAMAGES -ARISING OUT OF THIS PUBLIC LICENSE OR USE OF THE LICENSED MATERIAL, EVEN -IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES, -COSTS, EXPENSES, OR DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT -ALLOWED IN FULL OR IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - -The disclaimer of warranties and limitation of liability provided above -shall be interpreted in a manner that, to the extent possible, most -closely approximates an absolute disclaimer and waiver of all liability. - diff --git a/docs/hardware/t60_heatsink.md b/docs/hardware/t60_heatsink.md deleted file mode 100644 index ef4502f5..00000000 --- a/docs/hardware/t60_heatsink.md +++ /dev/null @@ -1,112 +0,0 @@ -% Changing heatsink (or CPU) on the ThinkPad T60 - -Using this guide you can also change/upgrade the CPU. - -[Back to previous index](./) - -Hardware requirements {#hardware_requirements} -===================== - -- rubbing alcohol or isopropyl alcohol, and thermal compound for - changing CPU heatsink (procedure involves removing heatsink) - -- thermal compound/paste (Arctic MX-4 is good. Others are also good.) - -Software requirements {#software_requirements} -===================== - -- xsensors -- stress - -Disassembly {#recovery} -=========== - -Remove those screws and remove the HDD:\ -  - -Lift off the palm rest:\ - - -Lift up the keyboard, pull it back a bit, flip it over like that and -then disconnect it from the board:\ -  - - -Gently wedge both sides loose:\ -  - -Remove that cable from the position:\ -  - -Remove the bezel (sorry forgot to take pics). - -On the CPU (and there is another chip south-east to it, sorry forgot to -take pic) clean off the old thermal paste (with the alcohol) and apply -new (Artic Silver 5 is good, others are good too) you should also clean -the heatsink the same way\ - - -This is also an opportunity to change the CPU to another one. For -example if you had a Core Duo T2400, you can upgrade it to a better -processor (higher speed, 64-bit support). A Core 2 Duo T7600 was -installed here. - -Attach the heatsink and install the screws (also, make sure to install -the AC jack as highlighted):\ - - -Reinstall that upper bezel:\ - - -Do that:\ -  - -Attach keyboard:\ - - -Place keyboard and (sorry, forgot to take pics) reinstall the palmrest -and insert screws on the underside:\ - - -It lives!\ -  - - -Always stress test ('stress -c 2' and xsensors. below 90C is ok) when -replacing cpu paste/heatsink:\ - - -Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\ -Permission is granted to copy, distribute and/or modify this document -under the terms of the Creative Commons Attribution-ShareAlike 4.0 -International license or any later version published by Creative -Commons; A copy of the license can be found at -[../cc-by-sa-4.0.txt](../cc-by-sa-4.0.txt) - -Updated versions of the license (when available) can be found at -<https://creativecommons.org/licenses/by-sa/4.0/legalcode> - -UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE EXTENT -POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS AND -AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND -CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, IMPLIED, STATUTORY, -OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, WARRANTIES OF TITLE, -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, -ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OR ABSENCE -OF ERRORS, WHETHER OR NOT KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF -WARRANTIES ARE NOT ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT -APPLY TO YOU. - -TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU -ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE) OR -OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, -PUNITIVE, EXEMPLARY, OR OTHER LOSSES, COSTS, EXPENSES, OR DAMAGES -ARISING OUT OF THIS PUBLIC LICENSE OR USE OF THE LICENSED MATERIAL, EVEN -IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES, -COSTS, EXPENSES, OR DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT -ALLOWED IN FULL OR IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - -The disclaimer of warranties and limitation of liability provided above -shall be interpreted in a manner that, to the extent possible, most -closely approximates an absolute disclaimer and waiver of all liability. - diff --git a/docs/hardware/t60_lcd_15.md b/docs/hardware/t60_lcd_15.md deleted file mode 100644 index f8c88720..00000000 --- a/docs/hardware/t60_lcd_15.md +++ /dev/null @@ -1,80 +0,0 @@ -% Changing the LCD panel on a 15.1" T60 - -This is for the 15.1" T60. If you have another size then the procedure -will differ; for example, on 14.1" you have to remove the hinges and -the procedure is a bit more involved than on 15.1". - -[Back to previous index](./) - -Disassembly {#recovery} -=========== - -Remove those covers and unscrew:\ -  - - -Gently pry off the front bezel. - -Remove inverter board:\ - - -Disconnect LCD cable:\ - - -Remove the panel:\ - - -Move the rails (left and right side) from the old panel to the new one -and then attach LCD cable:\ - - -Insert panel (this one is an LG-Philips LP150E05-A2K1, and there are -others. See -[../hcl/\#supported\_t60\_list](../hcl/#supported_t60_list)):\ - - -Insert new inverter board (see -[../hcl/\#supported\_t60\_list](../hcl/#supported_t60_list) for what is -recommended on your LCD panel):\ - - -Now re-attach the front bezel and put all the screws in. - -It lives!\ -  - - -Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\ -Permission is granted to copy, distribute and/or modify this document -under the terms of the Creative Commons Attribution-ShareAlike 4.0 -International license or any later version published by Creative -Commons; A copy of the license can be found at -[../cc-by-sa-4.0.txt](../cc-by-sa-4.0.txt) - -Updated versions of the license (when available) can be found at -<https://creativecommons.org/licenses/by-sa/4.0/legalcode> - -UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE EXTENT -POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS AND -AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND -CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, IMPLIED, STATUTORY, -OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, WARRANTIES OF TITLE, -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, -ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OR ABSENCE -OF ERRORS, WHETHER OR NOT KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF -WARRANTIES ARE NOT ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT -APPLY TO YOU. - -TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU -ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE) OR -OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, -PUNITIVE, EXEMPLARY, OR OTHER LOSSES, COSTS, EXPENSES, OR DAMAGES -ARISING OUT OF THIS PUBLIC LICENSE OR USE OF THE LICENSED MATERIAL, EVEN -IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES, -COSTS, EXPENSES, OR DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT -ALLOWED IN FULL OR IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - -The disclaimer of warranties and limitation of liability provided above -shall be interpreted in a manner that, to the extent possible, most -closely approximates an absolute disclaimer and waiver of all liability. - diff --git a/docs/hardware/t60_security.md b/docs/hardware/t60_security.md deleted file mode 100644 index d4d66ca4..00000000 --- a/docs/hardware/t60_security.md +++ /dev/null @@ -1,362 +0,0 @@ -% Security on the ThinkPad T60 - -Hardware modifications to enhance security on the ThinkPad T60. This -tutorial is **incomplete** at the time of writing. - -[Back to previous index](./) - -Table of Contents -================= - -- [Hardware Requirements](#hardware_requirements) -- [Software Requirements](#software_requirements) -- [The procedure](#procedure) - -Hardware requirements {#hardware_requirements} -===================== - -- A T60 -- screwdriver -- Rubbing or isopropyl alcohol, and thermal compound. -- (in a later version of this tutorial: soldering iron and scalpel) - -Software requirements {#software_requirements} -===================== - -- none (at least in the scope of the article as-is) -- You probably want to encrypt your GNU+Linux install using LUKS - -Rationale -========= - -Most people think of security on the software side: the hardware is -important aswell. - -This tutorial deals with reducing the number of devices that have direct -memory access that could communicate with inputs/outputs that could be -used to remotely command the system (or leak data). All of this is -purely theoretical for the time being. - -Disassembly {#procedure} -=========== - -Remove those screws and remove the HDD:\ -  - -Lift off the palm rest:\ - - -Lift up the keyboard, pull it back a bit, flip it over like that and -then disconnect it from the board:\ -  - - -Gently wedge both sides loose:\ -  - -Remove that cable from the position:\ -  - -Now remove that bezel. Remove wifi, nvram battery and speaker connector -(also remove 56k modem, on the left of wifi):\ -\ -Reason: has direct (and very fast) memory access, and could -(theoretically) leak data over a side-channel.\ -**Wifi:** The ath5k/ath9k cards might not have firmware at all. They -might safe but could have access to the computer's RAM trough DMA. If -people have an intel card(most T60 laptops come with Intel wifi by -default, until you change it),then that card runs a non-free firwamre -and has access to the computer's RAM trough DMA! So the risk-level is -very high. - -Remove those screws:\ - - -Disconnect the power jack:\ - - -Remove nvram battery (we will put it back later):\ - - -Disconnect cable (for 56k modem) and disconnect the other cable:\ -  - -Disconnect speaker cable:\ - - -Disconnect the other end of the 56k modem cable:\ - - -Make sure you removed it:\ - - -Unscrew those:\ - - -Make sure you removed those:\ - - -Disconnect LCD cable from board:\ - - -Remove those screws then remove the LCD assembly:\ -  - - -Once again, make sure you removed those:\ - - -Remove the shielding containing the motherboard, then flip it over. -Remove these screws, placing them on a steady surface in the same layout -as they were in before you removed them. Also, you should mark each -screw hole after removing the screw (a permanent marker pen will do), -this is so that you have a point of reference when re-assembling the -system:\ -  -  -  - -Remove microphone (soldering iron not needed. Just wedge it out -gently):\ -\ -**Rationale:**\ -Another reason to remove the microphone: If your computer -gets[\[1\]](#ref1) compromised, it can record what you say, and use it -to receive data from nearby devices if they're compromised too. Also, -we do not know what the built-in microcode (in the CPU) is doing; it -could theoretically be programmed to accept remote commands from some -speaker somewhere (remote security hole). **In other words, the system -could already be compromised from the factory.** - -Remove infrared:\ -  - -Remove cardbus (it's in a socket, no need to disable. Just remove the -port itself):\ -\ -**Rationale:**\ -It has direct memory access and can be used to extract sensitive details -(such as LUKS keys). See 'GoodBIOS' video linked at the end (speaker -is Peter Stuge, a coreboot hacker). The video covers X60 but the same -topics apply to T60. - -Before re-installing the upper chassis, remove the speaker:\ - \ -Reason: combined with the microphone issue, this could be used to leak -data.\ -If your computer gets[\[1\]](#ref1) compromised, it can be used to -transmit data to nearby compromised devices. It's unknown if it can be -turned into a microphone[\[2\]](#ref2).\ -Replacement: headphones/speakers (line-out) or external DAC (USB). - -Remove the wwan:\ -\ -**Wwan (3g modem):** They run proprietary software! It's like AMT but -over the GSM network which is probably even worse.\ -Replacement: external USB wifi dongle. (or USB wwan/3g dongle; note, -this has all the same privacy issues as mobile phones. wwan not -recommended). - -This is where the simcard connector is soldered. See notes above about -wwan. Remove simcard by removing battery and then it's accessible (so, -remember to do this when you re-assemble. or you could do it now?)\ - - -Put those screws back:\ - - -Put it back into lower chassis:\ - - -Attach LCD and insert screws (also, attach the lcd cable to the board):\ - - -Insert those screws:\ - - -On the CPU (and there is another chip south-east to it, sorry forgot to -take pic) clean off the old thermal paste (with the alcohol) and apply -new (Artic Silver 5 is good, others are good too) you should also clean -the heatsink the same way\ - - -Attach the heatsink and install the screws (also, make sure to install -the AC jack as highlighted):\ - - -Reinstall that upper bezel:\ - - -Do that:\ -  - -Attach keyboard and install nvram battery:\ -  - -Place keyboard and (sorry, forgot to take pics) reinstall the palmrest -and insert screws on the underside:\ - - -Remove those covers and unscrew:\ -  - - -Gently pry off the front bezel (sorry, forgot to take pics). - -Remove bluetooth module:\ -  - -Re-attach the front bezel and re-insert the screws (sorry, forgot to -take pics). - -It lives!\ -  - - -Always stress test ('stress -c 2' and xsensors. below 90C is ok) when -replacing cpu paste/heatsink:\ - - -Not covered yet: ----------------- - -- Disable flashing the ethernet firmware -- Disable SPI flash writes (can be re-enabled by unsoldering two - parts) - -- Disable use of xrandr/edid on external monitor (cut 2 pins on VGA) -- Disable docking station (might be possible to do it in software, in - coreboot upstream as a Kconfig option) - -Go to -<http://media.ccc.de/browse/congress/2013/30C3_-_5529_-_en_-_saal_2_-_201312271830_-_hardening_hardware_and_choosing_a_goodbios_-_peter_stuge.html> -or directly to the video: -<http://mirror.netcologne.de/CCC/congress/2013/webm/30c3-5529-en-Hardening_hardware_and_choosing_a_goodBIOS_webm.webm>. - -A lot of this tutorial is based on that video. Look towards the second -half of the video to see how to do the above. - -Also not covered yet: ---------------------- - -- Intrusion detection: randomized seal on screws - - Just put nail polish with lot of glider on the important screws, - take some good pictures. Keep the pictueres and make sure of their - integrity. Compare the nail polish with the pictures before powering - on the laptop. -- Tips about preventing/mitigating risk of cold boot attack. - - soldered RAM? - - wipe all RAM at boot/power-off/power-on? (patch in coreboot - upstream?) - - ask gnutoo about fallback patches (counts number of boots) -- General tips/advice and web links showing how to detect physical - intrusions. -- For example: <http://cs.tau.ac.il/~tromer/acoustic/> or - <http://cyber.bgu.ac.il/content/how-leak-sensitive-data-isolated-computer-air-gap-near-mobile-phone-airhopper>. -- <https://en.wikipedia.org/wiki/Tempest_%28codename%29> -- https://gitorious.org/gnutoo-for-coreboot/grub-assemble/source/a61f636797777a742f65f4c9c58032aa6a9b23c3: - -Extra notes -=========== - -EC: Cannot be removed but can be mitigated: it contains non-free -non-loadable code, but it has no access to the computer's RAM. It has -access to the on-switch of the wifi, bluetooth, modem and some other -power management features. The issue is that it has access to the -keyboard, however if the software security howto **(not yet written)** -is followed correctly, it won't be able to leak data to a local -attacker. It has no network access but it may still be able to leak data -remotely, but that requires someone to be nearby to recover the data -with the help of an SDR and some directional antennas[\[3\]](#ref3). - -[Intel 82573 Ethernet -controller](http://www.coreboot.org/Intel_82573_Ethernet_controller) on -the X60 seems safe, according to Denis. - -Risk level ----------- - -- Modem (3g/wwan): highest -- Intel wifi: Near highest -- Atheros PCI wifi: unknown, but lower than intel wifi. -- Microphone: only problematic if the computer gets compromised. -- Speakers: only problematic if the computer gets compromised. -- EC: can be mitigated if following the guide on software security. - -Further reading material (software security) -============================================ - -- [Installing Debian or Devuan GNU+Linux with full disk encryption - (including /boot)](../gnulinux/encrypted_debian.html) -- [Installing Parabola GNU+Linux with full disk encryption (including - /boot)](../gnulinux/encrypted_parabola.html) -- [Notes about DMA access and the docking station](dock.html) - -References -========== - -\[1\] physical access {#ref1} ---------------------- - -Explain that black hats, TAO, and so on might use a 0day to get in, and -explain that in this case it mitigates what the attacker can do. Also -the TAO do some evaluation before launching an attack: they take the -probability of beeing caught into account, along with the kind of -target. A 0day costs a lot of money, I heard that it was from 100000\$ -to 400000\$, some other websites had prices 10 times lower but that but -it was probably a typo. So if people increase their security it makes it -more risky and more costly to attack people. - -\[2\] microphone {#ref2} ----------------- - -It's possible to turn headphones into a microphone, you could try -yourself, however they don't record loud at all. Also intel cards have -the capability to change a connector's function, for instance the -microphone jack can now become a headphone plug, that's called -retasking. There is some support for it in GNU+Linux but it's not very -well known. - -\[3\] Video (CCC) {#ref3} ------------------ - -30c3-5356-en-Firmware\_Fat\_Camp\_webm.webm from the 30th CCC. While -their demo is experimental(their hardware also got damaged during the -transport), the spies probably already have that since a long time. -<http://berlin.ftp.media.ccc.de/congress/2013/webm/30c3-5356-en-Firmware_Fat_Camp_webm.webm> - -Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\ -Permission is granted to copy, distribute and/or modify this document -under the terms of the Creative Commons Attribution-ShareAlike 4.0 -International license or any later version published by Creative -Commons; A copy of the license can be found at -[../cc-by-sa-4.0.txt](../cc-by-sa-4.0.txt) - -Updated versions of the license (when available) can be found at -<https://creativecommons.org/licenses/by-sa/4.0/legalcode> - -UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE EXTENT -POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS AND -AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND -CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, IMPLIED, STATUTORY, -OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, WARRANTIES OF TITLE, -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, -ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OR ABSENCE -OF ERRORS, WHETHER OR NOT KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF -WARRANTIES ARE NOT ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT -APPLY TO YOU. - -TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU -ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE) OR -OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, -PUNITIVE, EXEMPLARY, OR OTHER LOSSES, COSTS, EXPENSES, OR DAMAGES -ARISING OUT OF THIS PUBLIC LICENSE OR USE OF THE LICENSED MATERIAL, EVEN -IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES, -COSTS, EXPENSES, OR DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT -ALLOWED IN FULL OR IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - -The disclaimer of warranties and limitation of liability provided above -shall be interpreted in a manner that, to the extent possible, most -closely approximates an absolute disclaimer and waiver of all liability. - diff --git a/docs/hardware/x60_heatsink.md b/docs/hardware/x60_heatsink.md deleted file mode 100644 index 9930a12a..00000000 --- a/docs/hardware/x60_heatsink.md +++ /dev/null @@ -1,133 +0,0 @@ -% Changing the fan/heatsink on the ThinkPad X60 - -This guide will teach you how to replace the fan and heatsink on your -ThinkPad X60. - -Table of Contents -================= - -- [Hardware Requirements](#hardware_requirements) -- [Software Requirements](#software_requirements) -- [Disassembly](#procedure) - -Hardware requirements {#hardware_requirements} -===================== - -- isopropyl alcohol (sometimes called rubbing alcohol) -- your new fan and/or heatsink -- CPU thermal compound (some say Arctic MX-4 is good, others are also - 'ok') - -- Something to spread the paste with - -Software requirements (for CPU stress testing) {#software_requirements} -============================================== - -- xsensors utility -- stress utility - -Disassembly {#procedure} -=========== - -Remove those screws:\ - - -Push the keyboard forward (carefully):\ - - -Lift the keyboard up and disconnect it from the board:\ - - -Grab the right-hand side of the chassis and force it off (gently) and -pry up the rest of the chassis:\ - - -You should now have this:\ - - -Disconnect the wifi antenna cables, the modem cable and the speaker:\ - - -Unroute the cables along their path, carefully lifting the tape that -holds them in place. Then, disconnect the modem cable (other end) and -power connection and unroute all the cables so that they dangle by the -monitor hinge on the right-hand side:\ - - -Disconnect the monitor from the motherboard, and unroute the grey -antenna cable, carefully lifting the tape that holds it into place:\ - - -Carefully lift the remaining tape and unroute the left antenna cable so -that it is loose:\ - - -Remove those screws:\ - - -Remove those screws:\ - - -Carefully remove the plate, like so:\ - - -Remove the SATA connector:\ - - -Now remove the motherboard (gently) and cast the lcd/chassis aside:\ - - -Look at that black tape above the heatsink, remove it:\ - - -Now you have removed it:\ - - -Disconnect the fan and remove all the screws, heatsink will easily come -off:\ - - -Remove the old paste with a cloth (from the CPU and heatsink) and then -clean both of them with the alcohol (to remove remaining residue of the -paste). Apply a pea-sized amount of paste to the both chipsets that the -heatsink covered and spread it evenly (uniformally). Finally reinstall -the heatsink, reversing previous steps. - -**stress -c 2** command can be used to push the CPU to 100%, and -**xsensors** (or **watch sensors** command) can be used to monitor heat. -Below 90C is ok. - -Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\ -Permission is granted to copy, distribute and/or modify this document -under the terms of the Creative Commons Attribution-ShareAlike 4.0 -International license or any later version published by Creative -Commons; A copy of the license can be found at -[../cc-by-sa-4.0.txt](../cc-by-sa-4.0.txt) - -Updated versions of the license (when available) can be found at -<https://creativecommons.org/licenses/by-sa/4.0/legalcode> - -UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE EXTENT -POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS AND -AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND -CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, IMPLIED, STATUTORY, -OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, WARRANTIES OF TITLE, -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, -ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OR ABSENCE -OF ERRORS, WHETHER OR NOT KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF -WARRANTIES ARE NOT ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT -APPLY TO YOU. - -TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU -ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE) OR -OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, -PUNITIVE, EXEMPLARY, OR OTHER LOSSES, COSTS, EXPENSES, OR DAMAGES -ARISING OUT OF THIS PUBLIC LICENSE OR USE OF THE LICENSED MATERIAL, EVEN -IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES, -COSTS, EXPENSES, OR DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT -ALLOWED IN FULL OR IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - -The disclaimer of warranties and limitation of liability provided above -shall be interpreted in a manner that, to the extent possible, most -closely approximates an absolute disclaimer and waiver of all liability. - diff --git a/docs/hardware/x60_keyboard.md b/docs/hardware/x60_keyboard.md deleted file mode 100644 index 043eee24..00000000 --- a/docs/hardware/x60_keyboard.md +++ /dev/null @@ -1,54 +0,0 @@ -% Thinkpad X60/X60s/X60t: Change keyboard - -Use this guide to replace the keyboard on your ThinkPad X60. Also works -for X60s and X60 Tablet. - -Although slightly different, this guide can also be followed for the -ThinkPad X200, X200S and X200 Tablet. The screws are in more or less the -same place, and it's the same procedure. - -[Back to previous index](./) - -Just follow these steps, and then reverse {#recovery} -========================================= - -\ -\ -\ -\ - - -Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\ -Permission is granted to copy, distribute and/or modify this document -under the terms of the Creative Commons Attribution-ShareAlike 4.0 -International license or any later version published by Creative -Commons; A copy of the license can be found at -[../cc-by-sa-4.0.txt](../cc-by-sa-4.0.txt) - -Updated versions of the license (when available) can be found at -<https://creativecommons.org/licenses/by-sa/4.0/legalcode> - -UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE EXTENT -POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS AND -AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND -CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, IMPLIED, STATUTORY, -OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, WARRANTIES OF TITLE, -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, -ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OR ABSENCE -OF ERRORS, WHETHER OR NOT KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF -WARRANTIES ARE NOT ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT -APPLY TO YOU. - -TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU -ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE) OR -OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, -PUNITIVE, EXEMPLARY, OR OTHER LOSSES, COSTS, EXPENSES, OR DAMAGES -ARISING OUT OF THIS PUBLIC LICENSE OR USE OF THE LICENSED MATERIAL, EVEN -IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES, -COSTS, EXPENSES, OR DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT -ALLOWED IN FULL OR IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - -The disclaimer of warranties and limitation of liability provided above -shall be interpreted in a manner that, to the extent possible, most -closely approximates an absolute disclaimer and waiver of all liability. - diff --git a/docs/hardware/x60_lcd_change.md b/docs/hardware/x60_lcd_change.md deleted file mode 100644 index bf046626..00000000 --- a/docs/hardware/x60_lcd_change.md +++ /dev/null @@ -1,48 +0,0 @@ -% Changing the LCD panel on X60 - -This tutorial is incomplete, and only pictures for now. - -[Back to previous index](./) - - - - - - - - - -Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\ -Permission is granted to copy, distribute and/or modify this document -under the terms of the Creative Commons Attribution-ShareAlike 4.0 -International license or any later version published by Creative -Commons; A copy of the license can be found at -[../cc-by-sa-4.0.txt](../cc-by-sa-4.0.txt) - -Updated versions of the license (when available) can be found at -<https://creativecommons.org/licenses/by-sa/4.0/legalcode> - -UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE EXTENT -POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS AND -AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND -CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, IMPLIED, STATUTORY, -OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, WARRANTIES OF TITLE, -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, -ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OR ABSENCE -OF ERRORS, WHETHER OR NOT KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF -WARRANTIES ARE NOT ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT -APPLY TO YOU. - -TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU -ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE) OR -OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, -PUNITIVE, EXEMPLARY, OR OTHER LOSSES, COSTS, EXPENSES, OR DAMAGES -ARISING OUT OF THIS PUBLIC LICENSE OR USE OF THE LICENSED MATERIAL, EVEN -IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES, -COSTS, EXPENSES, OR DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT -ALLOWED IN FULL OR IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - -The disclaimer of warranties and limitation of liability provided above -shall be interpreted in a manner that, to the extent possible, most -closely approximates an absolute disclaimer and waiver of all liability. - diff --git a/docs/hardware/x60_security.md b/docs/hardware/x60_security.md deleted file mode 100644 index 3c1ec193..00000000 --- a/docs/hardware/x60_security.md +++ /dev/null @@ -1,273 +0,0 @@ -% Security on the ThinkPad X60 - -Hardware modifications to enhance security on the ThinkPad X60. This -tutorial is **incomplete** at the time of writing. - -[Back to previous index](./) - -Table of Contents -================= - -- [Hardware Requirements](#hardware_requirements) -- [Software Requirements](#software_requirements) -- [The procedure](#procedure) - -Hardware requirements {#hardware_requirements} -===================== - -- An X60 -- screwdriver -- (in a later version of this tutorial: soldering iron and scalpel) - -Software requirements {#software_requirements} -===================== - -- none (at least in the scope of the article as-is) -- You probably want to encrypt your GNU+Linux install using LUKS - -Rationale -========= - -Most people think of security on the software side: the hardware is -important aswell. - -This tutorial deals with reducing the number of devices that have direct -memory access that could communicate with inputs/outputs that could be -used to remotely command the system (or leak data). All of this is -purely theoretical for the time being. - -Disassembly {#procedure} -=========== - -Firstly remove the bluetooth (if your X60 has this):\ -The marked screws are underneath those stickers (marked in those 3 -locations at the bottom of the LCD assembly):\ -\ -Now gently pry off the bottom part of the front bezel, and the bluetooth -module is on the left (easily removable):\ -\ - -If your model was WWAN, remove the simcard (check anyway):\ -Uncover those 2 screws at the bottom:\ -\ -SIM card (not present in the picture) is in the marked location:\ -\ -Replacement: USB dongle. - -Now get into the motherboard. - -Remove those screws:\ - - -Push the keyboard forward (carefully):\ - - -Lift the keyboard up and disconnect it from the board:\ - - -Grab the right-hand side of the chassis and force it off (gently) and -pry up the rest of the chassis:\ - - -You should now have this:\ - - -The following is a summary of what you will remove (already done to this -system):\ -\ -Note: the blue lines represent antenna cables and modem cables. You -don't need to remove these, but you can if you want (to make it tidier -after removing other parts). I removed the antenna wires, the modem -jack, the modem cable and also (on another model) a device inside the -part where the wwan antenna goes (wasn't sure what it was, but I knew -it wasn't needed). **This is optional** - -Remove the microphone (can desolder it, but you can also easily pull it -off with you hands). Already removed here:\ -\ -**Rationale:**\ -Another reason to remove the microphone: If your computer -gets[\[1\]](#ref1) compromised, it can record what you say, and use it -to receive data from nearby devices if they're compromised too. Also, -we do not know what the built-in microcode (in the CPU) is doing; it -could theoretically be programmed to accept remote commands from some -speaker somewhere (remote security hole). **In other words, the system -could already be compromised from the factory.** - -Remove the modem:\ -\ -(useless, obsolete device) - -Remove the speaker:\ -\ -Reason: combined with the microphone issue, this could be used to leak -data.\ -If your computer gets[\[1\]](#ref1) compromised, it can be used to -transmit data to nearby compromised devices. It's unknown if it can be -turned into a microphone[\[2\]](#ref2).\ -Replacement: headphones/speakers (line-out) or external DAC (USB). - -Remove the wlan (also remove wwan if you have it):\ -\ -Reason: has direct (and very fast) memory access, and could -(theoretically) leak data over a side-channel.\ -**Wifi:** The ath5k/ath9k cards might not have firmware at all. They -might safe but could have access to the computer's RAM trough DMA. If -people have an intel card(most X60s come with Intel wifi by default, -until you change it),then that card runs a non-free firwamre and has -access to the computer's RAM trough DMA! So the risk-level is very -high.\ -**Wwan (3g modem):** They run proprietary software! It's like AMT but -over the GSM network which is probably even worse.\ -Replacement: external USB wifi dongle. (or USB wwan/3g dongle; note, -this has all the same privacy issues as mobile phones. wwan not -recommended). - -Not covered yet: ----------------- - -- Disable cardbus (has fast/direct memory access) -- Disable firewire (has fast/direct memory access) -- Disable flashing the ethernet firmware -- Disable SPI flash writes (can be re-enabled by unsoldering two - parts) - -- Disable use of xrandr/edid on external monitor (cut 2 pins on VGA) -- Disable docking station (might be possible to do it in software, in - coreboot upstream as a Kconfig option) - -Go to -<http://media.ccc.de/browse/congress/2013/30C3_-_5529_-_en_-_saal_2_-_201312271830_-_hardening_hardware_and_choosing_a_goodbios_-_peter_stuge.html> -or directly to the video: -<http://mirror.netcologne.de/CCC/congress/2013/webm/30c3-5529-en-Hardening_hardware_and_choosing_a_goodBIOS_webm.webm>. - -A lot of this tutorial is based on that video. Look towards the second -half of the video to see how to do the above. - -Also not covered yet: ---------------------- - -- Intrusion detection: randomized seal on screws - - Just put nail polish with lot of glider on the important screws, - take some good pictures. Keep the pictueres and make sure of their - integrity. Compare the nail polish with the pictures before powering - on the laptop. -- Tips about preventing/mitigating risk of cold boot attack. - - soldered RAM? - - seal RAM door shut (possibly modified lower chassis) so that - system has to be disassembled (which has to go through the nail - polish) - - wipe all RAM at boot/power-off/power-on? (patch in coreboot - upstream?) - - ask gnutoo about fallback patches (counts number of boots) -- General tips/advice and web links showing how to detect physical - intrusions. -- For example: <http://cs.tau.ac.il/~tromer/acoustic/> or - <http://cyber.bgu.ac.il/content/how-leak-sensitive-data-isolated-computer-air-gap-near-mobile-phone-airhopper>. -- <https://en.wikipedia.org/wiki/Tempest_%28codename%29> -- https://gitorious.org/gnutoo-for-coreboot/grub-assemble/source/a61f636797777a742f65f4c9c58032aa6a9b23c3: - -Extra notes -=========== - -EC: Cannot be removed but can be mitigated: it contains non-free -non-loadable code, but it has no access to the computer's RAM. It has -access to the on-switch of the wifi, bluetooth, modem and some other -power management features. The issue is that it has access to the -keyboard, however if the software security howto **(not yet written)** -is followed correctly, it won't be able to leak data to a local -attacker. It has no network access but it may still be able to leak data -remotely, but that requires someone to be nearby to recover the data -with the help of an SDR and some directional antennas[\[3\]](#ref3). - -[Intel 82573 Ethernet -controller](http://www.coreboot.org/Intel_82573_Ethernet_controller) on -the X60 seems safe, according to Denis. - -Risk level ----------- - -- Modem (3g/wwan): highest -- Intel wifi: Near highest -- Atheros PCI wifi: unknown, but lower than intel wifi. -- Microphone: only problematic if the computer gets compromised. -- Speakers: only problematic if the computer gets compromised. -- EC: can be mitigated if following the guide on software security. - -Further reading material (software security) -============================================ - -- [Installing Debian or Devuan GNU+Linux with full disk encryption - (including /boot)](../gnulinux/encrypted_debian.html) -- [Installing Parabola GNU+Linux with full disk encryption (including - /boot)](../gnulinux/encrypted_parabola.html) -- [Notes about DMA access and the docking station](dock.html) - -References -========== - -\[1\] physical access {#ref1} ---------------------- - -Explain that black hats, TAO, and so on might use a 0day to get in, and -explain that in this case it mitigates what the attacker can do. Also -the TAO do some evaluation before launching an attack: they take the -probability of beeing caught into account, along with the kind of -target. A 0day costs a lot of money, I heard that it was from 100000\$ -to 400000\$, some other websites had prices 10 times lower but that but -it was probably a typo. So if people increase their security it makes it -more risky and more costly to attack people. - -\[2\] microphone {#ref2} ----------------- - -It's possible to turn headphones into a microphone, you could try -yourself, however they don't record loud at all. Also intel cards have -the capability to change a connector's function, for instance the -microphone jack can now become a headphone plug, that's called -retasking. There is some support for it in GNU+Linux but it's not very -well known. - -\[3\] Video (CCC) {#ref3} ------------------ - -30c3-5356-en-Firmware\_Fat\_Camp\_webm.webm from the 30th CCC. While -their demo is experimental(their hardware also got damaged during the -transport), the spies probably already have that since a long time. -<http://berlin.ftp.media.ccc.de/congress/2013/webm/30c3-5356-en-Firmware_Fat_Camp_webm.webm> - -Copyright © 2014, 2015 Leah Rowe <info@minifree.org>\ -Permission is granted to copy, distribute and/or modify this document -under the terms of the Creative Commons Attribution-ShareAlike 4.0 -International license or any later version published by Creative -Commons; A copy of the license can be found at -[../cc-by-sa-4.0.txt](../cc-by-sa-4.0.txt) - -Updated versions of the license (when available) can be found at -<https://creativecommons.org/licenses/by-sa/4.0/legalcode> - -UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE EXTENT -POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS AND -AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND -CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, IMPLIED, STATUTORY, -OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, WARRANTIES OF TITLE, -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, -ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OR ABSENCE -OF ERRORS, WHETHER OR NOT KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF -WARRANTIES ARE NOT ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT -APPLY TO YOU. - -TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU -ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE) OR -OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, -PUNITIVE, EXEMPLARY, OR OTHER LOSSES, COSTS, EXPENSES, OR DAMAGES -ARISING OUT OF THIS PUBLIC LICENSE OR USE OF THE LICENSED MATERIAL, EVEN -IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES, -COSTS, EXPENSES, OR DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT -ALLOWED IN FULL OR IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - -The disclaimer of warranties and limitation of liability provided above -shall be interpreted in a manner that, to the extent possible, most -closely approximates an absolute disclaimer and waiver of all liability. - |