I believe their work is an expansion of this:<br><a href="http://www.theage.com.au/news/security/hack-into-a-windows-pc-no-password-needed/2008/03/04/1204402423638.html">http://www.theage.com.au/news/security/hack-into-a-windows-pc-no-password-needed/2008/03/04/1204402423638.html</a>, which demonstrated the vuln. in XP (and, according to the paper, it's been demonstrated with other OS's as well), and their work was specifically done on showing the problem in Vista, which hadn't (as far as the paper writer seems to know) been done before.<br>
<br>Maus<br><br><div class="gmail_quote">On Wed, Mar 5, 2008 at 4:30 PM, Roger A. Grimes <<a href="mailto:roger@banneretcs.com">roger@banneretcs.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
As somewhat indicated in the paper itself, these types of physical DMA attacks are possible against any PC-based OS, not just Windows. If that's true, why is the paper titled around Windows Vista?<br>
<br>
I guess it makes headlines faster. But isn't as important, if not more important, to say all PC-based systems have the same underlying problem? That it's a broader problem needing a broader solution, instead of picking on one OS vendor to get headlines?<br>
<br>
[Disclaimer: I'm a full-time Microsoft employee.]<br>
<br>
Roger<br>
<br>
*****************************************************************<br>
<font color="#888888">*Roger A. Grimes, InfoWorld, Security Columnist<br>
*CPA, CISSP, CISA, MCSE: Security (2000/2003), CEH, yada...yada...<br>
*email: <a href="mailto:roger_grimes@infoworld.com">roger_grimes@infoworld.com</a> or <a href="mailto:roger@banneretcs.com">roger@banneretcs.com</a><br>
*Author of Windows Vista Security: Securing Vista Against Malicious Attacks (Wiley)<br>
*<a href="http://www.amazon.com/Windows-Vista-Security-Securing-Malicious/dp/0470101555" target="_blank">http://www.amazon.com/Windows-Vista-Security-Securing-Malicious/dp/0470101555</a><br>
*****************************************************************<br>
</font><div><div></div><div class="Wj3C7c"><br>
<br>
-----Original Message-----<br>
From: Bernhard Mueller [mailto:<a href="mailto:research@sec-consult.com">research@sec-consult.com</a>]<br>
Sent: Wednesday, March 05, 2008 10:54 AM<br>
To: Full Disclosure; Bugtraq<br>
Subject: Firewire Attack on Windows Vista<br>
<br>
Hello,<br>
<br>
In the light of recent discussions about firewire / DMA hacks, we would like to throw in some of the results of our past research on this topic (done mainly by Peter Panholzer) in the form of a short whitepaper. In this paper, we demonstrate that the firewire unlock attack (as implemented in Adam Boileau´s winlockpwn) can be used against Windows Vista.<br>
<br>
The paper is available at:<br>
<br>
<a href="http://www.sec-consult.com/fileadmin/Whitepapers/Vista_Physical_Attacks.pdf" target="_blank">http://www.sec-consult.com/fileadmin/Whitepapers/Vista_Physical_Attacks.pdf</a><br>
<br>
<br>
Best regards,<br>
<br>
Bernhard<br>
<br>
<br>
--<br>
_________________________________________<br>
<br>
Bernhard Mueller<br>
Security Consultant<br>
<br>
SEC Consult Unternehmensberatung GmbH<br>
<a href="http://www.sec-consult.com" target="_blank">www.sec-consult.com</a><br>
<br>
A-1190 Vienna, Mooslackengasse 17<br>
phone +43 1 8903043 34<br>
fax +43 1 8903043 15<br>
mobile +43 676 840301 718<br>
email <a href="mailto:b.mueller@sec-consult.com">b.mueller@sec-consult.com</a><br>
<br>
Firmenbuch Wiener Neustadt: 227896t, UID: ATU56165223<br>
Firmensitz: Prof. Dr. Stephan Korenstraße 10, A-2700 Wiener Neustadt<br>
<br>
Advisor for your information security.<br>
<br>
</div></div></blockquote></div><br>