Firewire Security Hole

This is not a new issue, but I just found out about it from this article on TechRepublic.com (yes, their URL is technrepublic.com.com).   They state that Firewire (IEEE 1394), unlike USB, was designed more as an external system bus connection, not just for external storage.  That allows Firewire devices to sneak in under the covers and do pretty much whatever they want, waving the “I’m with the band!” badge at any secuirty, including logging into the system.

Since this is part of the design of Firewire, it’s not a bug that can be fixed.  You cannot protect against security breach by firewire device and still adhere to the standard.  This isn’t to say it’s time to weld a metal plate over your laptop’s Firewire port and a tin foil hat on your head, because this isn’t something that you hear about happening in the wild, even though there’s a program out there to do it.

Share

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.