Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Kern (timetrapgmail.com)
Date: Mon Mar 10 2008 - 09:26:20 CDT
Hi, I am new to this list.
I was reading your messages, and began to wonder; For a temporary fix action
why not just disable the ability to install new firewire devices? I know
that this does not fix the fundamental problem, but it could work as a
I am reminded of the NSA Security Guide on Disabling USB
how do these actions translate to firewire?
On Sun, Mar 9, 2008 at 11:35 PM, Jardel Weyrich <w.jardelgmail.com> wrote:
> Larry, there is no disk involved on the problem, only memory.
> So if the disk is encrypted or not, doesn't matter.
> Jardel Weyrich
> On Sun, Mar 9, 2008 at 11:14 PM, Larry Seltzer <Larrylarryseltzer.com>
> > >>WRT the DMA access over FireWire it's but a bad response since it
> > doesn't get the point!
> > >>1. Drive encryption won't help against reading the memory.
> > >>2. The typical user authentication won't help, we're at hardware level
> > >> here, and no OS needs to be involved.
> > >>3. The computer is up (and running; see above), no hibernate or sleep
> > >> is involved here.
> > So on a freshly-booted system with drive encryption you can read
> > whatever you want on the disk?
> > >>4. Group policies can be circumvented, even by a limited user.
> > >>
> > <http://blogs.technet.com/markrussinovich/archive/2005/12/12/circumventi
> > ng-group-policy-as-a-limited-user.aspx<http://blogs.technet.com/markrussinovich/archive/2005/12/12/circumventing-group-policy-as-a-limited-user.aspx>
> > >
> > What he says is that some group policies, not including system-wide
> > security settings, maybe circumvented, even by a limited user.
> > Larry Seltzer
> > eWEEK.com Security Center Editor
> > http://security.eweek.com/
> > http://blogs.pcmag.com/securitywatch/
> > Contributing Editor, PC Magazine
> > larry.seltzerziffdavisenterprise.com
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/