lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <a399ca980803092035t1ce8bab8peccb76599560f87@mail.gmail.com>
Date: Mon, 10 Mar 2008 00:35:00 -0300
From: "Jardel Weyrich" <w.jardel@...il.com>
To: "Larry Seltzer" <Larry@...ryseltzer.com>
Cc: Stefan Kanthak <stefan.kanthak@...go.de>, bugtraq@...urityfocus.com,
	full-disclosure@...ts.grok.org.uk
Subject: Re: Firewire Attack on Windows Vista

Larry, there is no disk involved on the problem, only memory.
So if the disk is encrypted or not, doesn't matter.

Regards,
Jardel Weyrich

On Sun, Mar 9, 2008 at 11:14 PM, Larry Seltzer <Larry@...ryseltzer.com>
wrote:

> >>WRT the DMA access over FireWire it's but a bad response since it
> doesn't get the point!
> >>1. Drive encryption won't help against reading the memory.
> >>2. The typical user authentication won't help, we're at hardware level
> >>   here, and no OS needs to be involved.
> >>3. The computer is up (and running; see above), no hibernate or sleep
> >>   is involved here.
>
> So on a freshly-booted system with drive encryption you can read
> whatever you want on the disk?
>
> >>4. Group policies can be circumvented, even by a limited user.
> >>
> <http://blogs.technet.com/markrussinovich/archive/2005/12/12/circumventi
> ng-group-policy-as-a-limited-user.aspx<http://blogs.technet.com/markrussinovich/archive/2005/12/12/circumventing-group-policy-as-a-limited-user.aspx>
> >
>
> What he says is that some group policies, not including system-wide
> security settings, maybe circumvented, even by a limited user.
>
> Larry Seltzer
> eWEEK.com Security Center Editor
> http://security.eweek.com/
> http://blogs.pcmag.com/securitywatch/
> Contributing Editor, PC Magazine
> larry.seltzer@...fdavisenterprise.com
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ