
I want to move data from an insecure host to a secure host, e.g. to update the software on a Ballot marking device, or move data back and forth between such hosts. But as we know, even common thumb drives can stage BadUSB attacks.

Until 2019, I was thinking that SD card interfaces were significantly less vulnerable than USB ports (though not totally secure), as explained here by one of the BadUSB experts: Can SD-Card be a vector of a BadUSB type attack when used with a USB reader?

But I just watched the amazing presentation on Thunderclap: Exploring Vulnerabilities in Operating System IOMMU Protection via DMA from Untrustworthy Peripherals – NDSS Symposium, which details how Thunderbolt support exposes a huge attack surface via DMA and the complex PCIe protocols involved. They also specifically note near the end of their presentation that SD card version 7.0 supports DMA, which brings with it a whole host of related risks. In fact the 7.0 SD Express bus implements PCIe also, as noted in SD card - Wikipedia.

For those who value protection of their hosts against peripherals more than the speed of IO transfers, how can we avoid these attack surfaces? Proper implementation of Input–output memory management unit (IOMMU) protections can help, but doing that right seems barely out of its infancy.

Would specifying SD card support below the level of 7.0 help? Or are there ways to select or reliably configure host drivers to decline to support DMA and the like?

Or are there other similar attacks on older SD card interfaces, in which case they are also suspect, and we should go back to moving data around on writable DVDs or via data diodes like QR codes?

nealmcb
  • Frame challenge: What's wrong with putting nail polish in every USB, RJ-45, serial, and SD card port, and reading the ballot results from a screen with the other ballot watchers when you're phoning the results in to the voting district's recorder's office? – Ghedipunk Aug 06 '19 at 23:27
  • @Ghedipunk I do like the idea of getting data *off* of the devices by printing or displaying QR codes and the like, as my last reference notes. But part of the problem is updating the software on the device itself, and I also see this general question being of interest for most any data transfers on or off of secure offline hosts. – nealmcb Aug 06 '19 at 23:30
  • Swap the hard drives, with the connectors sealed with tamper evident tape. Preferably with serial numbers printed on that tape. We can't eliminate all threats, but we can have a checklist that verifies serial numbers before opening the polls and while closing the polls, so that the only active attacks have to happen in secure facilities. – Ghedipunk Aug 06 '19 at 23:47
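The question asks whether a host can be configured, or at least checked, so that it does not silently accept DMA from a peripheral. The following audit script is an added example, not part of the question or its comments; it reads the real Linux sysfs and procfs locations (`/sys/kernel/iommu_groups`, `/sys/bus/thunderbolt/devices/domain*/security` and `.../iommu_dma_protection`, `/proc/cmdline`) and reports whether an IOMMU is active at all, whether the kernel was told to enable it, and what Thunderbolt security level and kernel DMA protection the host reports. The `ROOT` prefix and the `--report` flag are my own conventions so the checks can also run against a copied or constructed tree instead of the live machine. It answers the narrower precondition (is the IOMMU even on, and is hot-plug PCIe auto-authorized), not the deeper Thunderclap question of whether the IOMMU policy is sufficient once it is on.

```shell
#!/bin/sh
# Added example (not from the original post): audit a Linux host for DMA
# exposure from hot-pluggable peripherals. ROOT is an assumed prefix so the
# same checks can run against a constructed tree; empty ROOT means the live host.

ROOT="${ROOT:-}"

# Returns 0 if at least one IOMMU group exists, i.e. an IOMMU driver is active
# and devices have been assigned to groups; 1 otherwise.
iommu_active() {
    root="${1:-$ROOT}"
    for g in "$root"/sys/kernel/iommu_groups/*; do
        [ -d "$g" ] && return 0
    done
    return 1
}

# Prints the number of IOMMU groups (0 when the IOMMU is off).
iommu_group_count() {
    root="${1:-$ROOT}"
    n=0
    for g in "$root"/sys/kernel/iommu_groups/*; do
        [ -d "$g" ] && n=$((n + 1))
    done
    echo "$n"
}

# Prints "<domain> <level>" for every Thunderbolt domain. Levels as exposed by
# the kernel: none (every device auto-authorized, worst), user, secure,
# dponly, usbonly, nopcie. Prints nothing when no controller is present.
tb_security_levels() {
    root="${1:-$ROOT}"
    for d in "$root"/sys/bus/thunderbolt/devices/domain*; do
        [ -r "$d/security" ] || continue
        echo "$(basename "$d") $(cat "$d/security")"
    done
}

# Returns 0 if every Thunderbolt domain reports iommu_dma_protection=1,
# 1 if any domain lacks it (or the attribute is missing on an older kernel),
# 2 if there are no Thunderbolt domains at all.
tb_dma_protected() {
    root="${1:-$ROOT}"
    found=0
    for d in "$root"/sys/bus/thunderbolt/devices/domain*; do
        [ -d "$d" ] || continue
        found=1
        [ -r "$d/iommu_dma_protection" ] || return 1
        [ "$(cat "$d/iommu_dma_protection")" = "1" ] || return 1
    done
    [ "$found" = 1 ] || return 2
    return 0
}

# Returns 0 if the kernel command line explicitly requests the IOMMU.
cmdline_requests_iommu() {
    root="${1:-$ROOT}"
    grep -Eq '(intel_iommu=on|amd_iommu=on|iommu=force)' "$root/proc/cmdline" 2>/dev/null
}

report() {
    if iommu_active; then
        echo "IOMMU: active ($(iommu_group_count) groups)"
    else
        echo "IOMMU: NOT active; boot with intel_iommu=on (Intel) or amd_iommu=on (AMD)"
    fi
    if cmdline_requests_iommu; then
        echo "cmdline: IOMMU requested"
    else
        echo "cmdline: IOMMU not requested (relying on the kernel default)"
    fi
    tb_security_levels | while read -r dom lvl; do
        echo "Thunderbolt $dom security=$lvl"
    done
    rc=0; tb_dma_protected || rc=$?
    case "$rc" in
        0) echo "Thunderbolt: kernel DMA protection reported on all domains" ;;
        1) echo "Thunderbolt: DMA protection NOT reported; set security to user/secure or do not load the thunderbolt driver" ;;
        2) echo "Thunderbolt: no controller present" ;;
    esac
}

if [ "${1:-}" = "--report" ]; then
    report
fi
```

Run as `sh audit-dma.sh --report` on the host, or source it and call the functions with a tree prefix. For the "decline to support DMA at the driver level" part of the question, the blunt instrument on Linux is to prevent the relevant host driver from loading at all with a modprobe rule such as `install thunderbolt /bin/false` in `/etc/modprobe.d/`; this only works when the driver is built as a module rather than into the kernel, which is an assumption to verify per distribution.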

0 Answers