[Lancer409]

Well, at least one person is going to be celebrating (but for all the wrong reasons, trust us) this interesting tidbit that’s passed through the pipes; a recently discovered security flaw in the Firewire (aka IEEE 1394, or iLink) spec, which we first saw pop up on SecurityFocus, lets a connected device gain elevated access and/or control of any kind of computer without the perpetrator having to do anything more than plug in, say, an iPod (loaded with the appropriate software, of course) via Firewire. So yes, you too may soon find yourself |-|@><0R3|) by teh iPodz0r. It’s very unlikely that this will actually happen to you, to say the least, but if you ever wanted a reason to switch to USB...

clip from engadget

full read is here...

http://pacsec.jp/advisories.html

can this be fixed with a security patch? ... shouldnt matter, only ipod that touches my machine is MINE!


FYI

[Spheric Harlot]

Once again: once you have physical access to the machine, all bets are off anyway.

[drive-thru]

^True.
However, if you had physical access to a mac you would be prompted for an admin password if you tried to load software or generally mess up the machine, especially if the logged-in user was not an admin. Apparently this security hole grants the user elevated privileges, so a user who is normally limited could suddenly have much greater access.

I just did a test and a user limited to Simple Finder doesn't seem to have access to Firewire drives.

[Eriamjh]

I heard that keyboards are considered security risks.

[Lancer409]

Originally posted by Eriamjh:
I heard that keyboards are considered security risks.

woah woah .. i'm just sayin ... dude .. not like i'm attacking apples cause i own one .. chill ...

[drive-thru]

Yes, having direct physical access to a computer is a security risk. But take this situation:
A company has a network of computers, one of which is in the lobby/waiting area and shows a presentation about the company for peope who are visiting or waiting to see an employee. To try to secure this computer they limit the user to just being able to run PowerPoint, so even if someone quits the slideshow they can't do anything else. Now if someone plugs in an iPod or firewire drive with some software loaded onto it they may then be able to run that software, whereas if they brought it in on a CD, flash drive or plugged their iPod in by USB they may not, because of the elevated privileges from the firewire drive (I'm assuming this is the nature of this security hole).
Now they can run whatever software they want and maybe gain access to the rest of the network.

-Yes, for those of you who are about to tell me, having that computer connected directly to the network is a bad idea, but it's fairly realistic - I've seen this in a few companines, albeit there was no keyboard.

[macroy]

Originally posted by drive-thru:

-Yes, for those of you who are about to tell me, having that computer connected directly to the network is a bad idea, but it's fairly realistic - I've seen this in a few companines, albeit there was no keyboard.

You would think (or hope) in the scenario, they would've disabled any I/O ports. And yes, that system should not be on the same subnet as the other computers. Having done so poses a bigger risk than the Firewire issue.

[Raman]

Originally posted by drive-thru:
A company has a network of computers, one of which is in the lobby/waiting area and shows a presentation about the company for peope who are visiting or waiting to see an employee.

I would hope that they are like other companies that think ahead and have several layers of firewalls like ours does. This type of machine wouldn't even be allowed to connect to our network.

[drive-thru]

Originally posted by Raman:
I would hope that they are like other companies that think ahead and have several layers of firewalls like ours does. This type of machine wouldn't even be allowed to connect to our network.

I know, but that's not the point, that's why I put the bit at the end.

The point of that post was to show the people who are saying that this security hole is a non-issue, because you have to have access to the computer anyway, that it could be a big issue given the right situation.
If you allow a lot of people to use a computer and secure it by limiting the privileges, a user who runs software from a firewire drive may be able to oversome the limits you've set and do some damage or get into places he shouldn't be able to.

Maybe a better example would be a computer lab in college, where firewire ports may need to be active so that users can plug in a DV camera in order to edit video. The users on these computers would normally have limited privileges - until they run software from a firewire drive.

[Richard Edgar]

The point of that post was to show the people who are saying that this security hole is a non-issue, because you have to have access to the computer anyway, that it could be a big issue given the right situation

I agree. It's certainly not a problem on the level of remote-root-exploit, but it is a problem. If someone has physical access to a machine, all bets are off ....ultimately. Just plugging in a device shouldn't be enough. IIRC, UNIXes used to have a problem with SUID bits being honoured on inserted floppies. Very easy way to get a root shell, until it got fixed.

[wdlove]

I hope that they will fix the problem..