Re: [Full-disclosure] Firewire Attack on Windows Vista
Hi Glenn,
> It should be realized though that fixing this is not necessarily a simple
> thing, nor are architectural considerations missing.
I most probably understated the difficulty of implementing a safe
ieee1394 DMA driver earlier. However, it's one of those things where
the drivers ought to at least default to a safe configuration and allow
those who like operating in the "wild west" for the purposes of speed to
do so.
> As for what can be done by Windows (as opposed to "any OS"), that is perhaps
> limited by the great range of underlying hardware. A compromise which might allow
> DMA to/from disks, tapes, or CDs but disallow it for most other peripherals
> might turn out to be the best general solution available, or something
> comparably ugly.
In the specific case of FireWire, Windows already does this, but that is
exactly how the restrictions were bypassed. You can't trust a disk
device any more than any other device, since a laptop can simply emulate
a storage device.
cheers,
tim
討論串 (同標題文章)
完整討論串 (本文為第 4 之 8 篇):