[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Firewire Attack on Windows Vista
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Firewire Attack on Windows Vista
- From: Ansgar -59cobalt- Wiechers <bugtraq@xxxxxxxxxxxxxxxx>
- Date: Mon, 10 Mar 2008 17:58:17 +0100
On 2008-03-09 Larry Seltzer wrote:
>>> WRT the DMA access over FireWire it's but a bad response since it
>>> doesn't get the point!
>>> 1. Drive encryption won't help against reading the memory.
>>> 2. The typical user authentication won't help, we're at hardware level
>>> here, and no OS needs to be involved.
>>> 3. The computer is up (and running; see above), no hibernate or sleep
>>> is involved here.
>
> So on a freshly-booted system with drive encryption you can read
> whatever you want on the disk?
Yes. Simply because the drive needs to be decrypted for the system to
boot. Without decrypting the disk there's not difference to a switched-
off box, because it's utterly unusable to anyone.
Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq