Actually they can be prevented by instructing the controller to filter the
adresses the devices send. Then again, that's work, and physical attacks
are typically considered low-risk, so I guess it's not found worth it.
The obvious reason to mention Vista is of course that Microsoft likes
to talk about how they made it oh-so-secure, which is a nice contrast to
leaving a large hole open that they have known about for at least 3 years.
Oh well, I guess we'll just have to wait until someone releases a tool
that uses this vulnerability to break either Vista's activation or its
DRM.
Martijn
PS. I'm on the list, and the address you see will be closed as I don't
feel like dealing with the out-of-offices, so reply on-list and don't
bother to CC. Thanks!
On Wed, 5 Mar 2008, Roger A. Grimes wrote:
As somewhat indicated in the paper itself, these types of physical DMA
attacks are possible against any PC-based OS, not just Windows. If
that's true, why is the paper titled around Windows Vista?
I guess it makes headlines faster. But isn't as important, if not more
important, to say all PC-based systems have the same underlying problem?
That it's a broader problem needing a broader solution, instead of
picking on one OS vendor to get headlines?
[Disclaimer: I'm a full-time Microsoft employee.]
Roger
