The Privacy BlogPrivacy, Security, Cryptography, and Anonymity

Mar/08

24

Firewire enables direct hack against any OS

Tool Physically Hacks Windows – Desktop Security News Analysis – Dark ReadingI am not sure how this has been true for years, yet has received so little attention. This article discusses the fact that Firewire connections enable direct read and write to a computer’s RAM. In many ways, this is even better than the RAM persistence I blogged about a while back. It appears to be easy to write a script that would run on an iPod or other Firewire device which will allow you to grab passwords from memory, bypass login screens, and gain access to the local drive. The amazing thing about the memory access is that it actually bypasses the CPU entirely. Normal security software will not pick this up at all. PCMCIA and Firewire are designed to work this way. It is a “feature” not a “bug”. Never the less, it is a huge security issue. If your computer is under the physical control of another person, you are in trouble. Hard drive encryption is the solution, but only if the computer is OFF. If it is on, then the password can be grabbed from memory. There is really no solution to that problem.There are two actions one can take. First, you can physically disable your Firewire capability if you need to leave your computer running unattended. Second, you can make sure you never leave your computer running unattended in an insecure location, and that the hard drive is encrypted securely. This second suggestion is the same solution as for the RAM persistence attack.

No tags

1 comment

  • Gala Frickson · December 21, 2010 at 8:20 pm

    In the case of security devices, specially for businesses,
    I have to go along with you entirely. There are so quite a few
    alternatives on the market, it really is significant for a
    specialist to know what is most effectivefor their scenario in
    addition to specific complex. The information you are presenting
    really are a good help to businesses and additionally security
    professionals as well. Thanks once more!

    Reply

Leave a Reply

<<

>>