Re: Firewire Attack on Windows Vista
--nextPart1524852.Cns6UL1F9k
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Thu, 6 Mar 2008, Roger A. Grimes wrote:
> As somewhat indicated in the paper itself, these types of physical
> DMA attacks are possible against any PC-based OS, not just Windows.
> If that's true, why is the paper titled around Windows Vista?
>
> I guess it makes headlines faster. But isn't as important, if not
> more important, to say all PC-based systems have the same underlying
> problem? That it's a broader problem needing a broader solution,
> instead of picking on one OS vendor to get headlines?
Well it IS a new kid on the block, other systems have already had this=20
problem reported.. It would certainly be more interesting if Vista=20
wasn't vulnerable though :)
That said, according to the fwohci source in FreeBSD you have to=20
explicitly enable this feature and the fwohci man page says it is=20
mandatory for SBP. It would not be too difficult to disable it by=20
default unless and SBP device is in use. Even in that case it is=20
apparently possible to limit the access granted to a particular device=20
(eg only allow it for the places you expect the device to write to).
=2D-=20
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
-- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
--nextPart1524852.Cns6UL1F9k
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)
iD8DBQBHz0Gd5ZPcIHs/zowRAvFgAJ9KlcoTYPwtI9eiWFpWhmQhy1vUmACffCLp
hwvs7h13ni9NT59s4yn/j1M=
=fkHh
-----END PGP SIGNATURE-----
--nextPart1524852.Cns6UL1F9k--
討論串 (同標題文章)
完整討論串 (本文為第 3 之 8 篇):