Re: Firewire Attack on Windows Vista

[Nathanael Hoyle <nhoyle () hoyletech com>]

Tonnerre Lombard wrote:
> There is a quite viable technical solution in the form of a patch which
> solves most of these problems. 

<snip>

>                                 Tonnerre

To what are you referring?

I am aware of only a few defenses against firewire attacks:

1) disable firewire - ideally in the system BIOS, alternately at the OS 
level; on some sites I've seen firewire header pins snapped off of the 
motherboard.

2) refuse to enable DMA for a firewire device, also preventing many 
devices from working properly, e.g. the linux approach

The only approach I am aware of that might be called a 'viable technical 
solution' was just demonstrated at BlackHat for altering the content of 
the DMA controller to redirect certain memory accesses.  I do not 
believe this has been turned into anything like a usable tested patch 
for any major operating system to defend it's privileged kernel memory, 
and unless API's were created to designate the need for 'secured' memory 
storage for things like passwords to be stored in these areas that the 
DMA controller directed away from... I don't think this is yet a viable 
solution.  I think it is the beginning of an idea for one though.

Did you have something else in mind?  If so, what is holding back 
implementation?

-Nathanael