[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Firewire Attack on Windows Vista

Actually they can be prevented by instructing the controller to filter the adresses the devices send. Then again, that's work, and physical attacks are typically considered low-risk, so I guess it's not found worth it.

The obvious reason to mention Vista is of course that Microsoft likes to talk about how they made it oh-so-secure, which is a nice contrast to leaving a large hole open that they have known about for at least 3 years.

Oh well, I guess we'll just have to wait until someone releases a tool that uses this vulnerability to break either Vista's activation or its DRM.

PS. I'm on the list, and the address you see will be closed as I don't feel like dealing with the out-of-offices, so reply on-list and don't bother to CC. Thanks!

On Wed, 5 Mar 2008, Roger A. Grimes wrote:

As somewhat indicated in the paper itself, these types of physical DMA attacks are possible against any PC-based OS, not just Windows. If that's true, why is the paper titled around Windows Vista?

I guess it makes headlines faster. But isn't as important, if not more important, to say all PC-based systems have the same underlying problem? That it's a broader problem needing a broader solution, instead of picking on one OS vendor to get headlines?

[Disclaimer: I'm a full-time Microsoft employee.]