FireWire’s physical memory access

Maximillian Dornseif’s Red Team: FireWire round-up has several links on using Firewire (IEEE 1394, Sony i.Link) to access physical memory, without any software cooperation from the target host. He just presented at the PacSec/core04 conference. He publishes sample code. He points out that this could be very useful for forensic analysis of live systems. He demonstrates how the technique can be used for privilege escalation or spying. He points to several security advisories that arose out of this discussion.

Leave a Reply