Re: Firewire Attack on Windows Vista
--Sig_L134rqJQ+z78ue4baRE=y_Z
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Salut,
On Thu, 6 Mar 2008 11:01:45 +0100 (CET), bzhbfzj3001@sneakemail.com
wrote:
> Actually they can be prevented by instructing the controller to
> filter the adresses the devices send. Then again, that's work, and
> physical attacks are typically considered low-risk, so I guess it's
> not found worth it.
There is a quite viable technical solution in the form of a patch which
solves most of these problems. Also, I heavily disagree that physical
security is of no importance. Nowadays, there are ways to achieve quite
good physical security using disk encryption and mechanisms which lock
the encrypted parts of the disk on demand (e.g. when closing the lid of
a notebook). Now, all of these mechanisms can be circumvented by
plugging an evil device which looks like an iPod, smells like an iPod
but fetches your keys from memory.
Tonnerre
--=20
SyGroup GmbH
Tonnerre Lombard
Solutions Systematiques
Tel:+41 61 333 80 33 G=C3=BCterstrasse 86
Fax:+41 61 383 14 67 4053 Basel
Web:www.sygroup.ch tonnerre.lombard@sygroup.ch
--Sig_L134rqJQ+z78ue4baRE=y_Z
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (NetBSD)
iQIVAwUBR9Dz7/e1GkGzEUDeAQJZmQ//ZUbUByTmTgI01HrxChTxBnzaK8XAgfjT
oaXXg2kv4F3YrP47Txjpv8d/0MulsUG+ZU8cLi9b1Oh541Z7h5O61v/1dOXxIQ2h
5qI4svztY8ZfDcWtK+ipyAHmOJbZI4qFySC3AVrGXB4bCEiDZMl6ggRrjj38v3H+
94/P/a4PAq150OIMK64XwgJL4OJuCTlqZzzBY+uksQVa7+E6Z0vOk4TZ++pAtYqv
qwwmbcAP0kt3MoBT+9FZAehCIK6oyDfvxmEZQtpXzSXjv5nqcGGi/Z5dAeJrR6KG
MDuo+k8L2JrQ4/r6648MwglShut71/vZBbGaWfBfKnvGbcD9lHdMNNDLFxagOutc
vd7yTbxuqHSWPpBBvAW62bQ0242J8qaKS5I20x11qqG3w7dy3DfWZAcjtsco4AN+
zrh5i8qF7Pd9FP2T2TYvzPr2mzns2iXa9E1OoVCM7CjS/d16r7LFAvld5jl0tzr3
Kj3rDQVyw6owJBdAlc29qaZQHE7a3KZkflbR+q1hF8DyXX5Vfeaat5UCBgsTxFtg
/ulABYcFppas9A86D7Ckqo/c0EFtNFIemj7ss87I7Sv6CVKZ5jd5gOhQmqAjKHPM
OTEBZIIbIQjvcCUD/+BlhnT7YJGDy0jXoyw44y5RiPiqesJU61qderUoudYOS48V
yTKcT1Z3qOA=
=CY8D
-----END PGP SIGNATURE-----
--Sig_L134rqJQ+z78ue4baRE=y_Z--
討論串 (同標題文章)
完整討論串 (本文為第 5 之 8 篇):