Bugtraq mailing list archives
RE: [Full-disclosure] Firewire Attack on Windows Vista
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Fri, 7 Mar 2008 11:55:19 -0800
The main point is to grab encryption keys from memory where the drive is encrypted - but that has to be while the device is on. I mean, it doesn't really matter if you disable password auth when you have physical access as you can just take the drive out, boot from CD, etc... t
-----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full- disclosure-bounces () lists grok org uk] On Behalf Of Larry Seltzer Sent: Friday, March 07, 2008 11:51 AM To: Bugtraq; Full Disclosure Subject: Re: [Full-disclosure] Firewire Attack on Windows VistaLet's say the computer is off. You can turn it on, but that gets youto a login screen. What can the Firewire device do? OK, I guess I misunderstood the original paper (http://www.sec- consult.com/fileadmin/Whitepapers/Vista_Physical_Attacks .pdf). It now looks to me like they are claiming they can disable password authentication *even while the system is not logged on* - do
I
have that right? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine larry.seltzer () ziffdavisenterprise com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: Firewire Attack on Windows Vista, (continued)
- RE: Firewire Attack on Windows Vista Larry Seltzer (Mar 06)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
- Message not available
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 08)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 08)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 08)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 10)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Jacob Appelbaum (Mar 10)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 10)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Jacob Appelbaum (Mar 11)
- Re: Firewire Attack on Windows Vista Stefan Kanthak (Mar 10)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 10)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Stefan Kanthak (Mar 10)