RE: Firewire Attack on Windows Vista

[bzhbfzj3001 () sneakemail com]

Actually they can be prevented by instructing the controller to filter the 
adresses the devices send. Then again, that's work, and physical attacks 
are typically considered low-risk, so I guess it's not found worth it.

The obvious reason to mention Vista is of course that Microsoft likes 
to talk about how they made it oh-so-secure, which is a nice contrast to 
leaving a large hole open that they have known about for at least 3 years.

Oh well, I guess we'll just have to wait until someone releases a tool 
that uses this vulnerability to break either Vista's activation or its 
DRM.

Martijn
PS. I'm on the list, and the address you see will be closed as I don't 
feel like dealing with the out-of-offices, so reply on-list and don't 
bother to CC. Thanks!

On Wed, 5 Mar 2008, Roger A. Grimes wrote:

> As somewhat indicated in the paper itself, these types of physical DMA 
> attacks are possible against any PC-based OS, not just Windows. If 
> that's true, why is the paper titled around Windows Vista?
>
> I guess it makes headlines faster.  But isn't as important, if not more 
> important, to say all PC-based systems have the same underlying problem? 
> That it's a broader problem needing a broader solution, instead of 
> picking on one OS vendor to get headlines?
>
> [Disclaimer: I'm a full-time Microsoft employee.]
> Roger