Comments on Errata Security: Thunderbolt: Introducing a new way to hack Macs

Feed author: David Maynor. Last updated: 2024-01-16T05:48:33.523-05:00.

Aven (2012-07-21T22:25:41.140-04:00):

Great job!!! Yeah, forgetting to lock your desktop while taking a piss results in such comments, kudos to my colleagues

Carsten (2012-02-14T11:15:20.335-05:00):

Turns out that this works as advertised: http://www.breaknenter.org/2012/02/adventures-with-daisy-in-thunderbolt-dma-land-hacking-macs-through-the-thunderbolt-interface/

Freddie Witherden (2011-03-06T10:45:37.809-05:00):

I conduct research in the field of FireWire (IEEE 1394) memory forensics and can confirm that on Mac OS X a firmware password disables DMA.

However, if Thunderbolt just pipes PCI-type signals over a bus then a firmware password will not be effective. The firmware password technique only works because the OHCI has a register for enabling/disabling physical requests.

For those that are interested my thesis can be found on my website:

https://freddie.witherden.org/pages/ieee-1394-forensics/

The correct solution -- albeit a hardware one -- to this problem is to stick an IOMMU between the Thunderbolt controller and the memory controller.

stevenruttan (2011-02-27T01:57:13.258-05:00):

This article presents a particular bias since there is no real-world evidence to back up your claim (we need data).

Test the hardware locked down, perhaps you could take X-Istence's statement further by doing so to remove any bias in your article.

Test a computer without that said chip, and test one with it. Then test both systems completely locked down (EFI password+lockdown et al). And test without EFI locks.

FireWire was developed in the 80's, I don't think security was a concern till this data mining hysteria started, just my opinion.

stevenruttan (2011-02-27T01:47:37.833-05:00):

Given that statement of X-Istence, you guys should test that out as well.

It's a bit silly to write an article about theorized security flaws without actually exploiting them, that presents a particular bias in the article - perhaps just to stir up debate/intelligent conversation - but we need real data here if your argument's to hold any water, just sayin'.

Also I don't think security was a big issue until people started this "data mining" hysteria, FW was developed in the 80's after all, but it's a dying horse..

Test Thunderbolt without the chip, then test another computer with said chip. Test both systems locked via EFI, then test them without being in lockdown mode. This should remove your bias, and the result will actually be accurate (or should be, but now I'm theorizing myself here). Also test with systems 100% locked-down vs. not. There are many variables to the equation you see :) Just sayin'

X-Istence (2011-02-25T23:39:37.839-05:00):

When you enable a firmware password on a Mac this "feature" of Firewire is disabled and it goes into lockdown mode ...

Unknown (2011-02-25T12:10:16.660-05:00):

yeah, forgetting to lock your desktop while taking a piss results in such comments, kudos to my colleagues

Unknown (2011-02-24T18:28:31.825-05:00):

It's called an IOMMU (http://en.wikipedia.org/wiki/IOMMU)

This has been in most processors since 2006/2007.