mailing list archives
Re: Owned by an iPod
From: Matt Johnston <mattj () tartarus uwa edu au>
Date: Sat, 23 Oct 2004 18:09:32 +0800
On Fri, Oct 22, 2004 at 10:53:55AM -0700, Dragos Ruiu wrote:
On October 21, 2004 10:22 pm, Rosalina Hamar wrote:
i heart about that demonstration a couple of weeks ago. now
it's an official announcement at parsec.jp . since there is not
much technical info on that issue in the announcement, i googled
around and found a link to an interesting post about the IEEE1394
OHCI interface on kerneltrap  back in 2002.
More technical information on this vulnerability,
and some of the other vulnerabilities, fixes and
techniques from the conference will be published
after the conference.
At least on Mac OS X, a workaround appears to be enabling
an openfirmware password. I assume that most firewire
chipsets would have the capability to disable raw memory
access if the OS asks nicely? Of course whether it's
disabled before the OS loads is another matter...
Full-Disclosure - We believe in it.