| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 10 Mar 2008 17:58:17 +0100 From: Ansgar -59cobalt- Wiechers <bugtraq@...netcobalt.net> To: bugtraq@...urityfocus.com Subject: Re: [Full-disclosure] Firewire Attack on Windows Vista On 2008-03-09 Larry Seltzer wrote: >>> WRT the DMA access over FireWire it's but a bad response since it >>> doesn't get the point! >>> 1. Drive encryption won't help against reading the memory. >>> 2. The typical user authentication won't help, we're at hardware level >>> here, and no OS needs to be involved. >>> 3. The computer is up (and running; see above), no hibernate or sleep >>> is involved here. > > So on a freshly-booted system with drive encryption you can read > whatever you want on the disk? Yes. Simply because the drive needs to be decrypted for the system to boot. Without decrypting the disk there's not difference to a switched- off box, because it's utterly unusable to anyone. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Powered by blists - more mailing lists