| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 07 Mar 2008 13:59:03 -0500 From: Nathanael Hoyle <nhoyle@...letech.com> To: Tonnerre Lombard <tonnerre.lombard@...roup.ch> Cc: bugtraq@...urityfocus.com Subject: Re: Firewire Attack on Windows Vista Tonnerre Lombard wrote: > > There is a quite viable technical solution in the form of a patch which > solves most of these problems. <snip> > > Tonnerre To what are you referring? I am aware of only a few defenses against firewire attacks: 1) disable firewire - ideally in the system BIOS, alternately at the OS level; on some sites I've seen firewire header pins snapped off of the motherboard. 2) refuse to enable DMA for a firewire device, also preventing many devices from working properly, e.g. the linux approach The only approach I am aware of that might be called a 'viable technical solution' was just demonstrated at BlackHat for altering the content of the DMA controller to redirect certain memory accesses. I do not believe this has been turned into anything like a usable tested patch for any major operating system to defend it's privileged kernel memory, and unless API's were created to designate the need for 'secured' memory storage for things like passwords to be stored in these areas that the DMA controller directed away from... I don't think this is yet a viable solution. I think it is the beginning of an idea for one though. Did you have something else in mind? If so, what is holding back implementation? -Nathanael
Powered by blists - more mailing lists