begin quoting Andrew Lentvorski as of Sat, Sep 10, 2005 at 11:11:12PM -0700: > Stewart Stremler wrote: > >http://www.securiteam.com/securitynews/6Q0000ABQA.html > > > >refers to what I was thinking of. > > > >"Here, have direct access to RAM" -> Danger, Will Robinson! > > Oh, that wasn't what I thought you meant. I was thinking something > along the lines of corrupted transfers of some form. Oh, no, not that I'm aware of. (Although memory might change underneath the cache if a firewire device if the OS isn't careful or the device doesn't play nice.)
> If someone plugging a Firewire device into one of your computers and > getting pwn3d is a problem, you really need to do a *much* more > extensive security audit than normal--including things like > investigating your cleaning company. Give someone access to your hardware, they own your machine. Basic rule of paranoia. :) -Stewart "Tempest, Hijack, and Nonstop gives paranoiacs the willies" Stremler -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
