Re: [PATCH 0/7] KDB: Kiosk (reduced capabilities) mode

From: John Stultz
Date: Fri Jul 27 2012 - 21:50:32 EST

Next message: Colin Cross: "Re: [PATCH 0/7] KDB: Kiosk (reduced capabilities) mode"
Previous message: Dmitry Torokhov: "Re: [RFC ebeam PATCH 3/3] input: misc: New USB eBeam input driver."
In reply to: Anton Vorontsov: "Re: [PATCH 0/7] KDB: Kiosk (reduced capabilities) mode"
Next in thread: Colin Cross: "Re: [PATCH 0/7] KDB: Kiosk (reduced capabilities) mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 07/27/2012 06:26 PM, Anton Vorontsov wrote:

On Fri, Jul 27, 2012 at 12:30:49PM -0700, Colin Cross wrote:
The are two use-cases for the mode, one is evil, but another is quite
legitimate.

The evil use case is used by some (ahem) phone manufaturers that want
to have a debuging facilities on a production device, but still don't
want you to use the debugger to gain root access. I don't like locked
phones, and I would not touch this/get my hands dirty by implementing
the feature just for this evil (IMHO) use case.

The point of the reduced feature set in FIQ debugger is not to prevent
you from accessing your own phone, it designed to prevent others from
trivially rooting your phone and reading your data. Both locked and
unlocked phones run FIQ debugger. Would you carry a phone with
personal data on it and KGDB enabled on the serial console?

Short answer: yes, I would carry such a phone. :-)

Long answer:

If someone was so interested in cracking the phone/data and so
ended up with attaching serial console and attempted to use debugger
techniques to gain access to my data, then thief's next step would be
soldering a few wires to JTAG spots, and it will be all done in
minutes. Knowledge-wise, using JTAG is even more trivial than using the
debugger techniques to get to my data, you just need some HW skills.

The serial console on some of these phones are accessed via the headphone jack.

Imagine an airline provides free noise cancelling headphones for flights. Those headphones are of course "smart" and covertly try to quickly capture data off of the phone's debugger interface, storing on some headphone internal flash, all without the user noticing.

So I think Colin's concerns (regardless of any paranoia about phone OEM's intentions) is reasonable.

thanks
-john

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Colin Cross: "Re: [PATCH 0/7] KDB: Kiosk (reduced capabilities) mode"
Previous message: Dmitry Torokhov: "Re: [RFC ebeam PATCH 3/3] input: misc: New USB eBeam input driver."
In reply to: Anton Vorontsov: "Re: [PATCH 0/7] KDB: Kiosk (reduced capabilities) mode"
Next in thread: Colin Cross: "Re: [PATCH 0/7] KDB: Kiosk (reduced capabilities) mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]