
No surprise, those are near-impossible to avoid. I mean, a simple:

  if(check(resource)) {
    use(resource);
  }

is already vulnerable, unless you somehow make the entire piece of code run atomically.



One approach is to copy the data to a location that you control first (e.g., RAM) and perform both the check and the use of that data from the trusted location. That can be difficult, though, on embedded devices with constrained resources.


For a firmware update: read it into memory or copy it to storage you control first.
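
The check-then-use pattern and the copy-first approach from the comments above, side by side for a firmware update. This is an added example, not code posted by anyone in the thread; `storage_read`, `image_ok`, `update_racy` and `update_copy_first` are hypothetical names, the image bytes are constructed, and the comparison in `image_ok` stands in for a real signature check.

```c
#include <stdint.h>
#include <string.h>

#define IMG_LEN 8
/* Constructed sample data: the image that passes the check, and a replacement. */
static const uint8_t GOOD[IMG_LEN] = "FW-v1.0";
static const uint8_t EVIL[IMG_LEN] = "FW-evil";
static int reads;                  /* reads made from untrusted storage so far */
static uint8_t flashed[IMG_LEN];   /* stands in for the flash target */

/* Untrusted storage (hypothetical): the first read returns GOOD, later reads
   return EVIL, modelling a writer that swaps the image after the check. */
static void storage_read(uint8_t *dst) {
    memcpy(dst, reads++ == 0 ? GOOD : EVIL, IMG_LEN);
}

/* Placeholder check: a real updater verifies a signature here. */
static int image_ok(const uint8_t *img) { return memcmp(img, GOOD, IMG_LEN) == 0; }

/* Check and use each fetch the data again; the race window sits between them. */
int update_racy(void) {
    uint8_t buf[IMG_LEN];
    storage_read(buf);
    if (!image_ok(buf)) return -1;
    storage_read(flashed);         /* second fetch: not the bytes that were checked */
    return 0;
}

/* Copy once into RAM we control, then check and use that same copy. */
int update_copy_first(void) {
    uint8_t buf[IMG_LEN];
    storage_read(buf);
    if (!image_ok(buf)) return -1;
    memcpy(flashed, buf, IMG_LEN);
    return 0;
}

/* Helpers for observing the outcome. */
void reset_storage(void) { reads = 0; memset(flashed, 0, IMG_LEN); }
int flashed_is_good(void) { return memcmp(flashed, GOOD, IMG_LEN) == 0; }

int main(void) {
    reset_storage();
    int racy_bad = update_racy() == 0 && !flashed_is_good();
    reset_storage();
    int copy_good = update_copy_first() == 0 && flashed_is_good();
    return (racy_bad && copy_good) ? 0 : 1;
}
```

The racy version reports success while flashing bytes it never checked; the copy-first version either flashes exactly what it verified or rejects the image.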



