Latest in Attack

Image credit:

Windows passwords easily bypassed over Firewire

Nilay Patel
03.04.08
Share
Tweet
Share

Sponsored Links

All of the sudden we're starting to see more and more attacks take advantage of what's stored on your computer's RAM -- the latest, from New Zealand's Adam Boileau, allows an attacker to unlock Windows passwords in a just a few seconds using a Linux machine connected over Firewire. Unlike those disk encryption attacks we saw that required a reboot, Boileu's attack works while the target computer is running, tricking Windows into allowing full write access to RAM and then corrupting the password protection code. That's a little scary -- but other researchers say that it's not a traditional vulnerability, since direct memory access is a feature of Firewire. Still, we're sealing up all of our ports with Silly Putty starting today, that ought to stop 'em.

Update:
Apparently this has been demonstrated on OS X as well -- it looks like Firewire's direct memory access is the common vector here.

[Thanks, Drew]

In this article: attack, microsoft, password, security, windows
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Share
Tweet
Share

Popular on Engadget

Google fully explains why its apps aren't on new Huawei phones

Google fully explains why its apps aren't on new Huawei phones

View
'Friends' cast is locked in for a reunion special to launch HBO Max

'Friends' cast is locked in for a reunion special to launch HBO Max

View
Google search is showing invitations to private WhatsApp groups

Google search is showing invitations to private WhatsApp groups

View
The Hot Wheels RC Cybertruck is a mini Tesla for $400

The Hot Wheels RC Cybertruck is a mini Tesla for $400

View
Samsung Galaxy Z Flip review: Admire it, don't buy it

Samsung Galaxy Z Flip review: Admire it, don't buy it

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr