FireWire port is a big security hole

Today, reading Larry Osterman’s blog, I learned something new. I always knew, that physical access to computer / server almost always means, that it may be compromised in one or another way, like Cryogenically frozen RAM bypasses all disk encryption methods. More here.

One thing I didn’t know, is FireWire (IEEE 1394 interface) Security issues.

From Uwe Hermann’s blog:

… if you gain physical access to a PC or laptop which has Firewire ports … you can read arbitrary RAM contents from the victim’s system, overwrite arbitrary RAM contents with whatever you want …

Read more: Physical memory attacks via Firewire/DMA – Part 1: Overview and Mitigation

P.S. Rebooting my computer into BIOS to disable FireWire.