lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 6 Mar 2008 12:44:19 -0800 From: Tim <tim-security@...tinelchicken.org> To: Larry Seltzer <Larry@...ryseltzer.com> Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>, Bugtraq <bugtraq@...urityfocus.com> Subject: Re: [Full-disclosure] Firewire Attack on Windows Vista > Is it not possible for Windows (or any OS) to open up DMA for a device > only to a certain range? > > If not, what options are available? I have various forms of RSI and don't feel like typing it again: On Thu, Mar 06, 2008 at 12:00:09PM -0800, Tim wrote: > [...] > Of course this is not an optimal fix. The drivers should just > automatically restrict the DMA accesses in real time to a range that is > safe but still permits devices to use it. (Presumably to buffers > allocated specifically for I/O.) Not sure if some devices would still > have problems with this, but I think this is the intended operation of > ieee1394 based on the specs and I'd imagine it would work on a greater > number of devices than having it disabled completely. > [...] So yes, this is possible. AFAIK, driver writers on all sides have just been lazy. At least with free OSes they have a lame hack to protect you. tim
Powered by blists - more mailing lists