Skip to content

{ Category Archives } Firewire

0wn3d by an iPod – now for download

Besides the Slides from CanSecWest we now put Linux modified for the iPod to do the FireWire Attacks online. Get
it here.

Tagged ,
2005 05 06 mdornseif Comments (0)

Martin Pittenauer was so nice to confirm that the OF protection is there since MacOS 10.2.2. He also pointed me to an interesting article on “Securing Firewire” by Jonathan ‘Wolf’ Rentzsch.

Tagged ,
2004 12 07 mdornseif Comments (0)

Mac OS X 10.3.7 with improved access to OHCI-Filters?

Think Secret – Briefly: Mac OS X 10.3.7 gains more improvements: “While tracking the latest developer builds can admittedly get redundant, build 7S210 is somewhat significant [...] 7S210 includes improved compatibility with FireWire drives that failed to mount previously, apparently correcting current issues with FireWire drives”
I wonder if this Issues also include the missing OHCI-Filters?

Tagged ,
2004 12 02 mdornseif Comments (0)

Upcomming presentations on the FireWire issues

We will give some presentations on the Issues in near future:
Hacking with Fire
Will be held by Michael Becher at the chaos communication congress Berlin, Germany, 27.-29. December 2004.
Course on offensive and forensic aspects of FireWire
This 5-day class will be held by the staff of the Laboratory for Dependable Distributed Systemsin April in Cologne or Aachen.
FireWire [...]

Tagged ,
2004 11 30 mdornseif Comments (0)

Press release

To reduce confusion among the press, we drafted a press release on the FireWire issues.

Tagged ,
2004 11 29 mdornseif Comments (0)

macnews.de Interview

I have been interviewed on the FireWire issues by macnews.de (in German).

Tagged ,
2004 11 27 mdornseif Comments (0)

my Geek::Story; » pacsec04

Somebody has a weblog entry on the pac sec conference. Since the weblog is french I only have a vague idea what this is all about (and a suspicion who’s weblog it is) but there is an AVI of my demonstration at pac sec at that site. The video is in quite decent quality and [...]

Tagged ,
2004 11 23 mdornseif Comments (0)

FireWire Presentation and Demos on Video

In my forensics lecture I basically gave the same presentation as at PacSec on the Firewire issues, but this time it was recorded. Check: Video of the lecture (in english), audio-only track, Q&A (in german), Advisory: FireWire/IEEE 1394 direct memory access – CAN-2004-1038.

Tagged ,
2004 11 19 mdornseif Comments (0)

Non-determenistic Computers

Computers have a Tendency to be nondeterministic whenever you are preparing/doing a demonstrations. That happened to me with the FireWire presentation. I prepared the demos between two Macs. Since I had no two Macs to take with me to Tokyo I decided to do the Demo between my powerbook and my wife’s Dell Lattitude X [...]

Tagged ,
2004 11 18 mdornseif Comments (0)

Updated Advisory: FireWire/IEEE 1394 direct memory access – CAN-2004-1038

FireWire/IEEE 1394 direct memory access – CAN-2004-1038
Advisory URL: http://pacsec.jp/advisories.html
Subject: Potential system compromise by connected FireWire devices
CVE #: CAN-2004-1038
Affected: So far all tested Operating Systems with FireWire support
Summary:
——–
The FireWire/IEEE 1394 specification allows client devices [...]

Tagged ,
2004 11 17 mdornseif Comments (0)