[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Firewire Attack on Windows Vista
Tonnerre Lombard wrote:
There is a quite viable technical solution in the form of a patch which
solves most of these problems.
To what are you referring?
I am aware of only a few defenses against firewire attacks:
1) disable firewire - ideally in the system BIOS, alternately at the OS
level; on some sites I've seen firewire header pins snapped off of the
2) refuse to enable DMA for a firewire device, also preventing many
devices from working properly, e.g. the linux approach
The only approach I am aware of that might be called a 'viable technical
solution' was just demonstrated at BlackHat for altering the content of
the DMA controller to redirect certain memory accesses. I do not
believe this has been turned into anything like a usable tested patch
for any major operating system to defend it's privileged kernel memory,
and unless API's were created to designate the need for 'secured' memory
storage for things like passwords to be stored in these areas that the
DMA controller directed away from... I don't think this is yet a viable
solution. I think it is the beginning of an idea for one though.
Did you have something else in mind? If so, what is holding back