Re: FireWire Security issues
From: Bruce M Simpson (bms_at_spc.org)
Date: 11/17/04
- Previous message: Maximillian Dornseif: "FireWire Security issues"
- In reply to: Maximillian Dornseif: "FireWire Security issues"
- Next in thread: Julian Elischer: "Re: FireWire Security issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 16 Nov 2004 17:40:37 -0800 To: Maximillian Dornseif <dornseif@informatik.rwth-aachen.de>
On Tue, Nov 16, 2004 at 09:30:09PM +0100, Maximillian Dornseif wrote:
> looking into the issue described in the advisory below I wonder how to
> tackle this issues. Primarily
> I ask myself
>
> * is there any reason not to filter all physical memory access by default
> * what would be the appropriate way to change the filter set? a sysctl?
This is totally not news, this has been discussed in various circles for
the past 5 years, though it's nice to see someone presenting an old attack
in a new way.
You can only filter the accesses by implementing filter logic in the PCI
bridge to main memory to deny the accesses, or the PCI bus arbiter, or
failing that, the FireWire to PCI host controller itself.
The CPU and operating system are not able to intervene here in any way.
Regards,
BMS
- application/pgp-signature attachment: stored
- Previous message: Maximillian Dornseif: "FireWire Security issues"
- In reply to: Maximillian Dornseif: "FireWire Security issues"
- Next in thread: Julian Elischer: "Re: FireWire Security issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
