Archive
Firewire Attacks Revisited
For those who follow these kinds of things, you’ll remember that back in 2004 an enterprising group of people (Maximilian Dornseif, Michael Becher, and Christian Klein) gave a series of talks on how to bypass many kinds of computer security using the FireWire ports. This attack, though obvious from reading the specification of the Firewire / i.LINK / IEEE 1394 bus, simply used a computer acting as a “rogue” device to read and modify any memory location on a target PC.
Yes, ANY memory location, and that’s quite supported, even required by the FireWire/iLink specification, which needs direct-memory-access for some devices (like iPODs) to function.
Enterprising people have written attacks that use this “exploit” to get around encryption products, and locked workstations on Mac, Linux and PC.
Who?
 | EVP Cyber Product Innovation for Mastercard. Formally the Chief Technology Officer for Intel Secure Home Gateways, CTO for McAfee Enterprise Endpoint, CTO McAfee Innovation team, and Founder/CTO SafeBoot Corp. |
Simon Says - Musings of a Technology CTO 
Comments