<<< Date Index >>>     <<< Thread Index >>>

RE: Firewire Attack on Windows Vista



As somewhat indicated in the paper itself, these types of physical DMA attacks 
are possible against any PC-based OS, not just Windows. If that's true, why is 
the paper titled around Windows Vista?

I guess it makes headlines faster.  But isn't as important, if not more 
important, to say all PC-based systems have the same underlying problem?  That 
it's a broader problem needing a broader solution, instead of picking on one OS 
vendor to get headlines?

[Disclaimer: I'm a full-time Microsoft employee.] 

Roger

*****************************************************************
*Roger A. Grimes, InfoWorld, Security Columnist 
*CPA, CISSP, CISA, MCSE: Security (2000/2003), CEH, yada...yada...
*email: roger_grimes@xxxxxxxxxxxxx or roger@xxxxxxxxxxxxxx
*Author of Windows Vista Security: Securing Vista Against Malicious Attacks 
(Wiley)
*http://www.amazon.com/Windows-Vista-Security-Securing-Malicious/dp/0470101555
*****************************************************************


-----Original Message-----
From: Bernhard Mueller [mailto:research@xxxxxxxxxxxxxxx] 
Sent: Wednesday, March 05, 2008 10:54 AM
To: Full Disclosure; Bugtraq
Subject: Firewire Attack on Windows Vista

Hello,

In the light of recent discussions about firewire / DMA hacks, we would like to 
throw in some of the results of our past research on this topic (done mainly by 
Peter Panholzer) in the form of a short whitepaper. In this paper, we 
demonstrate that the firewire unlock attack (as implemented in Adam Boileau´s 
winlockpwn) can be used against Windows Vista.

The paper is available at:

http://www.sec-consult.com/fileadmin/Whitepapers/Vista_Physical_Attacks.pdf


Best regards, 

Bernhard


--
_________________________________________

Bernhard Mueller
Security Consultant

SEC Consult Unternehmensberatung GmbH
www.sec-consult.com

A-1190 Vienna, Mooslackengasse 17
phone     +43 1 8903043 34
fax       +43 1 8903043 15
mobile    +43 676 840301 718
email     b.mueller@xxxxxxxxxxxxxxx

Firmenbuch Wiener Neustadt: 227896t, UID: ATU56165223
Firmensitz: Prof. Dr. Stephan Korenstraße 10, A-2700 Wiener Neustadt

Advisor for your information security.