Linux Today: Linux News On Internet Time.

More ways to gain access to systems you have physical access to

May 04, 2009, 21:21 (0 Talkback[s])

[ Thanks to j00p34 for this link. ]

The DMA attack is based on a "feature" of firewire which gives it direct read/write access to memory.

"DMA as most of you probably know is a feature used to speed up access to memory by bypassing the processor, this is needed for instance by graphic cards which do their own processing on data in memory. It's a great enhancement to allow for speedy input/output of data where the main processor is not needed. The firewire protocol allows external devices to directly access memory for read/write operations. This makes it easily possible to change data in system memory using an external device (like a modified ipod for example)

"root access
This can give you root access to a running Linux system as long as it has a working firewire port. You can read more about this specific security flaw as well as methods of mitigating it here (the part about windows is especially amusing)"

Complete Story

Related Stories: