that doesnt sound like much of a risk. plugging another computer into my computer. i mean, really, i would see that.
Let me know how you could plug something into my FireWire port over the interwebs and I’ll start worrying.
PC users have always been a joke as far as security goes.......
If you’ve lost physical control of the machine, it’s already game over. The method of attack is largely irrelevant.
That said, this sounds like something that should be patched — no need to make it any easier than it has to be. Still, anyone with access to the machine and a boot disk will be able to do just about anything they want to.
>>>>Mac security is a now officially a joke.
Parity with Windows....
FUD !
recoveror guess your password.
And why don't they just disable the Firewire port if the user is not logged in or if a password-protected screen saver is running?
Can’t wait to SHARE this with the arrogant Mac fanatics in my office.
Well, you've got me laughing. I'll give you that much. :D
FireWire is a memory-to-memory or DMA bus. That is, a connected device can access the memory from any computers to which it is connected.
This is fundamental to how FireWire (IEEE1394) works, so it is requires some kind of restriction on the areas of memory that it is allowed to access (different from that of the CPU itself). It also means that if you plug a FireWire card into a Windows computer, it is just as vulnerable.
In fact, it shares this vulnerability with the laptop card interfaces ExpressCard and PCCard, commonly used on Windows laptops.
If it were the same as the CPU, controlling access would be easy, the Memory Management Unit (MMU) which is part of the CPU could handle it.
Since it is not, either the MMU has to be augmented to have a set of tables to determine what external devices are allowed to have access to particular memory (just like it does for different users) or a separate MMU for IO devices needs to be added to the system.
Either approach is expensive (and not really subject to a quick software fix). If it were only FireWire, which is still restricted largely to Apple devices, neither approach would be feasible.
Fortunately, Intel’s new pretty, LightPeak (ThunderBolt in Apple parlance), has the same interface-advantage/security-issue since it is also a external memory-to-memory or DMA bus.
Since Intel is also making the CPUs and their MMUs, and the board interface chips with ThunderBolt, you won’t be surprised to learn that the most recent Nehalem CPUs (Core i5 and i7) are the first recent consumer CPUs to contain an IOMMU as described above (with memory control for IO devices including FireWire and ThunderBolt).
Thus, for computers with FireWire and those CPUs or later ones, there is now a workable fix for the problem.
When that fix will see the light of day is another matter, but with ThunderBolt allowing the transfer of all the memory in a 16GB machine in less that 20 seconds (more than 10 times faster than FireWire 800), I think we will see it sooner rather than later.
“Another precautionary measure is to try and ensure no one gets access to your computer.”
OMG!!!! OMG!!! OMG!!! I simply MUST burn this thing and get me one of those secure and dependable PC’s. I must not wait! I must get me a PC before the sky falls any farther or I will surely die! OMG!! Will they rape me too?!
If someone can get past my firewall, my fence, my guard geese, my ducks, chickens, my German Shepherd dog that believes everything on the property is his and that I am actually God, my house alarm, and my 30 years of defense - personal protection training and experience, HECK, they can have anything around here that they may desire.
Thank you so much. I remember those sweet old days when I had a PC. When it was down and down and down again, the dead time gave me a much needed and stress free rest.
As we all know, stress kills, so having a PC can actually help you live longer . Wow, those PC folks sure go out of their way to help us out.
Gee if somebody gets a hold of your computer, they could break into it...shocking!!! /s
ping
Yawn. You need physical access. If you’ve got that all bets are off.
If you want on or off the Mac Ping List, Freepmail me.
No, your thread is a joke. Physical access to ANY computer more or less guarantees a break-in. Even AT HD locking has been broken. Physical access security is not news, and hasn't been for 40 years.
When did you discover computers, last week? :)
Seriously, no personal offense intended, this is a garbage article, intended only for the purpose of bashing Apple. Aren't you tired of that cr@p by now?
I don’t have a firewire port on my Mac laptop. Problem solved!
I absolutely agree that others having access to your computer is a significant security risk.