Hi, I am new to this list. I was reading your messages, and began to wonder; For a temporary fix action why not just disable the ability to install new firewire devices? I know that this does not fix the fundamental problem, but it could work as a decent kludge.
I am reminded of the NSA Security Guide on Disabling USB Devices<http://www.nsa.gov/snac/support/I731-002R-2007.pdf>, how do these actions translate to firewire? On Sun, Mar 9, 2008 at 11:35 PM, Jardel Weyrich <[EMAIL PROTECTED]> wrote: > Larry, there is no disk involved on the problem, only memory. > So if the disk is encrypted or not, doesn't matter. > > Regards, > Jardel Weyrich > > > On Sun, Mar 9, 2008 at 11:14 PM, Larry Seltzer <[EMAIL PROTECTED]> > wrote: > > > >>WRT the DMA access over FireWire it's but a bad response since it > > doesn't get the point! > > >>1. Drive encryption won't help against reading the memory. > > >>2. The typical user authentication won't help, we're at hardware level > > >> here, and no OS needs to be involved. > > >>3. The computer is up (and running; see above), no hibernate or sleep > > >> is involved here. > > > > So on a freshly-booted system with drive encryption you can read > > whatever you want on the disk? > > > > >>4. Group policies can be circumvented, even by a limited user. > > >> > > <http://blogs.technet.com/markrussinovich/archive/2005/12/12/circumventi > > ng-group-policy-as-a-limited-user.aspx<http://blogs.technet.com/markrussinovich/archive/2005/12/12/circumventing-group-policy-as-a-limited-user.aspx> > > > > > > > What he says is that some group policies, not including system-wide > > security settings, maybe circumvented, even by a limited user. > > > > Larry Seltzer > > eWEEK.com Security Center Editor > > http://security.eweek.com/ > > http://blogs.pcmag.com/securitywatch/ > > Contributing Editor, PC Magazine > > [EMAIL PROTECTED] > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/