Bugtraq mailing list archives

RE: [Full-disclosure] Firewire Attack on Windows Vista

From: "Larry Seltzer" <Larry () larryseltzer com>
Date: Sun, 9 Mar 2008 22:14:08 -0400

WRT the DMA access over FireWire it's but a bad response since it

doesn't get the point!

1. Drive encryption won't help against reading the memory.
2. The typical user authentication won't help, we're at hardware level
  here, and no OS needs to be involved.
3. The computer is up (and running; see above), no hibernate or sleep
  is involved here.


So on a freshly-booted system with drive encryption you can read
whatever you want on the disk?

4. Group policies can be circumvented, even by a limited user.

<http://blogs.technet.com/markrussinovich/archive/2005/12/12/circumventi
ng-group-policy-as-a-limited-user.aspx> 

What he says is that some group policies, not including system-wide
security settings, maybe circumvented, even by a limited user.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.pcmag.com/securitywatch/
Contributing Editor, PC Magazine
larry.seltzer () ziffdavisenterprise com

Current thread:

RE: [Full-disclosure] Firewire Attack on Windows Vista, (continued)
- - - RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
    - RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
    - Message not available
    - RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 08)
    - Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 08)
    - RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 08)
    - Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 10)
    - Re: [Full-disclosure] Firewire Attack on Windows Vista Jacob Appelbaum (Mar 10)
    - RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 10)
    - Re: [Full-disclosure] Firewire Attack on Windows Vista Jacob Appelbaum (Mar 11)
    - Re: Firewire Attack on Windows Vista Stefan Kanthak (Mar 10)
    - RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 10)
    - Re: [Full-disclosure] Firewire Attack on Windows Vista Stefan Kanthak (Mar 10)
    - Re: [Full-disclosure] Firewire Attack on Windows Vista Ansgar -59cobalt- Wiechers (Mar 10)
    - Re: Firewire Attack on Windows Vista Steve Shockley (Mar 11)
    - Re: Firewire Attack on Windows Vista Stefan Kanthak (Mar 13)
    - Re: [Full-disclosure] Firewire Attack on Windows Vista FD (Mar 11)
    - RE: Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
  - Re: Firewire Attack on Windows Vista Daniel O'Connor (Mar 06)
  - Re: Firewire Attack on Windows Vista Tonnerre Lombard (Mar 06)
  - RE: Firewire Attack on Windows Vista bzhbfzj3001 (Mar 06)
    - Re: Firewire Attack on Windows Vista Tonnerre Lombard (Mar 07)

(Thread continues...)