Locking your firewire-equipped Windows PC while you pop out for lunch won't keep it secure, thanks to a new hack developed by a New Zealand-based security consultant.
The new attack, which unlocks Windows workstations in 20 seconds by manipulating firewire ports, will be demonstrated at Sydney's Ruxcon security conference on September 30.
"It's generally well known in the forensics community that you can do this; it's just not been done against Windows as far as I know," says the creator of the hack, Adam Boileau, a consultant with Security-Assessment.com. "If you see an exposed firewire port, chances are that dude's got a problem."
By attaching a Linux-based computer running Mr Boileau's software to a locked Windows workstation, the target machine is tricked into allowing the attacking system to have read and write access to its memory, he says. After 20 seconds or so, the software fiddles with Windows' password protection code in the memory of the target machine, rendering it useless.
"You have read and write access to main memory, which means you can overwrite something that's about to be executed with your own code," he says.
The only reliable way to protect a computer against the unlocking technique is to disable its firewire port.
No comments:
Post a Comment