25th February 2011
|
Administrator
|
|
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,159
|
|
Security concerns over new Thunderbolt I/O technology
From http://www.h-online.com/security/new...y-1198476.html
Quote:
Unlike such technologies as USB, Thunderbolt doesn't use a master/slave concept in which the PC controls communication. Rather, the new technology's concept is similar to that of Firewire, where a connected device can access a PC's working memory, for instance via DMA. Researchers such as those working in forensics have for some time taken advantage of this to create memory maps of the PCs they investigate. Vendor HBGary, for example, who was recently compromised by Anonymous, provided the US authorities with a framework that allows spyware to be injected into an unprotected but locked notebook via the Firewire port.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|