Re: [Full-disclosure] Firewire Attack on Windows Vista
- From: Tim <tim-security@xxxxxxxxxxxxxxxxxxx>
- Date: Thu, 6 Mar 2008 12:44:19 -0800
Is it not possible for Windows (or any OS) to open up DMA for a device
only to a certain range?
If not, what options are available?
I have various forms of RSI and don't feel like typing it again:
On Thu, Mar 06, 2008 at 12:00:09PM -0800, Tim wrote:
[...]
Of course this is not an optimal fix. The drivers should just
automatically restrict the DMA accesses in real time to a range that is
safe but still permits devices to use it. (Presumably to buffers
allocated specifically for I/O.) Not sure if some devices would still
have problems with this, but I think this is the intended operation of
ieee1394 based on the specs and I'd imagine it would work on a greater
number of devices than having it disabled completely.
[...]
So yes, this is possible. AFAIK, driver writers on all sides have just
been lazy. At least with free OSes they have a lame hack to protect
you.
tim
- References:
- Firewire Attack on Windows Vista
- From: Bernhard Mueller
- RE: Firewire Attack on Windows Vista
- From: Roger A. Grimes
- Re: Firewire Attack on Windows Vista
- From: Peter Watkins
- RE: Firewire Attack on Windows Vista
- From: Larry Seltzer
- Re: [Full-disclosure] Firewire Attack on Windows Vista
- From: Tim
- RE: [Full-disclosure] Firewire Attack on Windows Vista
- From: Larry Seltzer
- Re: [Full-disclosure] Firewire Attack on Windows Vista
- From: Tim
- RE: [Full-disclosure] Firewire Attack on Windows Vista
- From: Larry Seltzer
- Firewire Attack on Windows Vista
- Prev by Date: RE: [Full-disclosure] Firewire Attack on Windows Vista
- Next by Date: PHP-Nuke KutubiSitte "kid" SQL Injection exploit code adding
- Previous by thread: RE: [Full-disclosure] Firewire Attack on Windows Vista
- Next by thread: RE: [Full-disclosure] Firewire Attack on Windows Vista
- Index(es):
Relevant Pages
|
