1

Lately there is a trend were input/output devices and interfaces are used for either exploits (taking advantage of their vulnerabilities) or to blatantly "copy" near by audio/video information.

So, could a firewall be build to control data input/output on these interfaces?

By interfaces I mean to all human devices used to control a personal computer, such as audio capturing devices, video capturing devices, input devices like keyboard, mouse, gamepads, etc., and output devices like sound cards, graphic cards.

techraf
  • 9,159
  • 11
  • 45
  • 63
Kover Paul
  • 13
  • 3

1 Answers1

1

High-availability operating systems which have multiple layers of software abstraction and filtering acting like input/output firewalls already exist. These operating systems leverage multiple layers of input formatting and protection at each device input area but these are generally for specialized high availability hardware. Effectively these are very good at dealing with buffer overflow problems and rewriting poorly formatted or intentionally manipulated input.

The problem with doing this on traditional PC's occurs with Direct Memory Access protocols like PCIe, Firewire, and Thunderbolt. Due to the use of these interfaces we may not be able to put appropriate software hooks in place to prevent attacks. So for traditional hardware this may be a hard problem. That said with the costs of custom hardware dropping maybe it's time this could be re-addressed. I think enough people are concerned about security at this point that the interest is certainly present now.

Trey Blalock
  • 14,209
  • 6
  • 45
  • 49