Rod Whitworth wrote:
> And you are aware of how insecure firewire is, I hope?

Yeah, somewhat.

> With physical access admittedly

Pretty much anything is possible with physical access and some time.

> ... but it does DMA transfers without talking to the OS etc.

It appears that could be turned off, but I doubt any hardware makers will spend the effort.

> See http://www.ruxcon.org.au/files/2006/firewire_attacks.pdf I saw
> the demo and heard the talk that is not on the slides .... Scary!

Thanks. Interesting presentation. There's a lot out there. e.g.:

http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=211201211
http://blogs.23.nu/RedTeam/0000/00/antville-5201/

Again, it looks like it *might* be possible to fix the problem at the driver level by having DMA turned off by default or disabled:

"Because FireWire and USB were designed with the intention of connecting high-speed disk drives, both specifications have provisions for DMA. This means that, under many circumstances, a device that's plugged into a FireWire or USB interface has the ability to read and write to individual physical memory locations inside the host computer. Such access necessarily bypasses the host operating system and any security checks that it might wish to implement."
http://www.csoonline.com/article/220868/Attack_of_the_iPods_?page=2

What would be fine to avoid would be the marketing of shortcomings in IEEE hardware and drivers leveraged to push DRM'd hardware like the "hanging chads" were used to usher in blackbox voting. The last Dell notebook I looked at had TCPM in the hardware and the Apples seem to now have HDCP:

http://arstechnica.com/apple/news/2008/11/apple-brings-hdcp-to-a-new-aluminum-macbook-near-you.ars

Regards
-Lars