Tuesday, March 04, 2008

Windows passwords easily bypassed over Firewire

Source: http://feeds.engadget.com/~r/weblogsinc/engadget/~3/245646554/

Filed under: ,

All of the sudden we're starting to see more and more attacks take advantage of what's stored on your computer's RAM -- the latest, from New Zealand's Adam Boileau, allows an attacker to unlock Windows passwords in a just a few seconds using a Linux machine connected over Firewire. Unlike those disk encryption attacks we saw that required a reboot, Boileu's attack works while the target computer is running, tricking Windows into allowing full write access to RAM and then corrupting the password protection code. That's a little scary -- but other researchers say that it's not a traditional vulnerability, since direct memory access is a feature of Firewire. Still, we're sealing up all of our ports with Silly Putty starting today, that ought to stop 'em.

Update: Apparently this has been demonstrated on OS X as well -- it looks like Firewire's direct memory access is the common vector here.

[Thanks, Drew]

 

Read | Permalink | Email this | Comments

Posted by Augustine at 10:54 PM