If your PC has a FireWire port, setting a login password may not be enough
to keep others away from your data - at least, not so long as they have access
to the physical system. According to
The Age, New Zealand security consultant Adam Boileau has released
a tool on his website
(
download
source ~
local mirror) that allows one to break into a Windows PC "in seconds" using
a Linux system and a simple FireWire connection to the target machine. Dubbed
Winlockpwn, the crack relies on FireWire's direct memory access functionality to
read and write the target PC's memory and "modify Windows' password protection
code . . . [to] render it ineffective." Boileau demonstrated Winlockpwn for the
first time at a security conference two years ago, but he only released it to
the public today. He says he got in touch with Microsoft to warn them, but that
the software giant still hasn't fixed the hole, since it believes security
measures are moot if a malicious user has physical access to a system. So far,
the crack has been demonstrated on Windows XP, but The Age says it doesn't know
whether Vista is also affected. There is a simple fix, though. Sophos security
researcher Paul Ducklin advises users, "If you have a Firewire port, disable it
when you aren't using it."
)