Re: [PATCH] USB: disable all RNDIS protocol drivers
From: Greg Kroah-Hartman
Date: Wed Jan 11 2023 - 09:57:25 EST
On Wed, Jan 11, 2023 at 02:38:04PM +0100, Jan Engelhardt wrote:
>
> On Wednesday 2022-11-23 13:46, Greg Kroah-Hartman wrote:
> >
> >The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on
> >any system that uses it with untrusted hosts or devices. Because the
> >protocol is impossible to make secure, just disable all rndis drivers to
> >prevent anyone from using them again.
> >
> >Windows only needed this for XP and newer systems, Windows systems older
> >than that can use the normal USB class protocols instead, which do not
> >have these problems.
>
>
> In other news, someone just proposed adding "RNDIS" things to UEFI, so
> now the security problem is added right back into machines but at
> another layer?!
>
> https://edk2.groups.io/g/devel/topic/patch_1_3/95531719
I guess systems that use this will always have to trust that the device
plugged into them is "trusted". Seems like an easy way to get access to
a "locked down" system if you ever need it :)
{sigh}
greg k-h