Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Owned by an iPod
From: Matt Johnston <mattj () tartarus uwa edu au>
Date: Sat, 23 Oct 2004 18:09:32 +0800

On Fri, Oct 22, 2004 at 10:53:55AM -0700, Dragos Ruiu wrote:
On October 21, 2004 10:22 pm, Rosalina Hamar wrote:
i heart about that demonstration a couple of weeks ago. now
it's an official announcement at parsec.jp [0]. since there is not
much technical info on that issue in the announcement, i googled
around and found a link to an interesting post about the IEEE1394
OHCI interface on kerneltrap [1] back in 2002.

shish ...

[0] http://pacsec.jp/advisories.html
[1] http://kerneltrap.org/node/view/145

More technical information on this vulnerability, 
and some of the other vulnerabilities, fixes and 
techniques from the conference will be published
after the conference.

At least on Mac OS X, a workaround appears to be enabling
an openfirmware password[1]. I assume that most firewire
chipsets would have the capability to disable raw memory
access if the OS asks nicely? Of course whether it's
disabled before the OS loads is another matter...


[1] http:/matt.ucc.asn.au/apple/

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]