Hello, The security vulnerabilities associated with open FireWire ports are nothing new, having been covered extensively by Maximilian Dornseif (2004 and 2005) and more recently by Adam Boileau (2006 and 2008). Unfortunately the tools released as part of these disclosures (pyfw, pythonraw1394 and winlockpwn) have all started to succumb to bit rot. In addition, there has been comparative lack of research on the vulnerabilities of Mac OS X against FireWire attacks. Therefore I would like to share my updated research in the field. This includes a open source cross platform (GNU/Linux and Mac OS X) library, libforensic1394, for performing memory forensics/attacks over FireWire and a paper on the subject. (Although written from a forensics standpoint the security implications associated with the interface are discussed at great length.) The paper can be found here: https://freddie.witherden.org/pages/ieee-1394-forensics.pdf with the associated pages for it and libforensic1394 being https://freddie.witherden.org/pages/ieee-1394-forensics/ https://freddie.witherden.org/tools/libforensic1394/ Included in the paper is: - A comprehensive discussion on obtaining memory access over the interface. - Coverage of the new "Juju" FireWire stack, introduced in the 2.6.22 Linux kernel. (Its features, susceptibility to memory access attacks, etc.) - Limitations of existing libraries and how libforensic1394 represents an improvement over them. - User-space code samples showing how responses to read/write requests can be spoofed my a malicious application on the target system. - Updated attack signatures for 32- and 64-bit versions of Windows to bypass logon passwords. - Similar signatures for Mac OS X 10.6 along with a discussion of how the user logon password can be extracted from a (locked) system. This, from a security standpoint, is particularly concerning. - Mitigation for Windows, Mac OS X and GNU/Linux. - Source code for all sample programs. Polemically yours, Freddie.