Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Bugtraq: Re: [Full-disclosure] Firewire Attack on Windows Vista

Re: [Full-disclosure] Firewire Attack on Windows Vista

From: Ansgar -59cobalt- Wiechers <bugtraq_at_planetcobalt.net>
Date: Mon, 10 Mar 2008 17:58:17 +0100

On 2008-03-09 Larry Seltzer wrote:
>>> WRT the DMA access over FireWire it's but a bad response since it
>>> doesn't get the point!
>>> 1. Drive encryption won't help against reading the memory.
>>> 2. The typical user authentication won't help, we're at hardware level
>>> here, and no OS needs to be involved.
>>> 3. The computer is up (and running; see above), no hibernate or sleep
>>> is involved here.
>
> So on a freshly-booted system with drive encryption you can read
> whatever you want on the disk?

Yes. Simply because the drive needs to be decrypted for the system to
boot. Without decrypting the disk there's not difference to a switched-
off box, because it's utterly unusable to anyone.

Regards
Ansgar Wiechers 

-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
Received on Mar 10 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]