NEWS FROM THE LAB - Tuesday, March 4, 2008

Unlocking Windows Using FireWire Posted by Jarno @ 20:36 GMT

Did you know that if you have a FireWire port in your computer and running Windows, anyone who can plug into it has direct access to the memory of your PC?

While this has been a publicly known issue since 2004 when the attack was demonstrated in PacSec 2004 by Maximillian Dornseif, the issue has not gained widespread attention.

The Age reports that Adam Boileau has done excellent work on bringing more attention to this feature of FireWire of which most people are not aware.

If you are running Windows XP, anyone who can connect his laptop or modified iPod to your FireWire port can get complete access to your PC's memory. And by using that access the attacker can do whatever he wants such as unlock Windows, steal encryption keys, or install malware.

The problem has not been verified with Windows Vista, but we cannot state that Vista would be safe either.

Currently there is no known fix for this problem, so if you have a computer that has a FireWire port and you don't use it for anything, we recommend disabling it.

What's really funny to us is that we were recently discussing the fact that people at large don't know about the FireWire memory access problem. And we were thinking about creating a demonstration video a couple weeks back. Well, Adam, you beat us to it.