Focus on Microsoft
RE: Bitlocker without PIN Feb 24 2011 09:34AM
Per Thorsheim (putilutt online no) (2 replies)
Re: Bitlocker without PIN Feb 25 2011 10:54AM
Ansgar Wiechers (bugtraq planetcobalt net)
RE: Bitlocker without PIN Feb 24 2011 05:07PM
Thor (Hammer of God) (thor hammerofgod com) (3 replies)
RE: Bitlocker without PIN Feb 24 2011 09:43PM
rwagg (at) robhome (dot) com [email concealed] (rwagg robhome com) (1 replies)
RE: Bitlocker without PIN Feb 24 2011 10:06PM
David Lum (David Lum NWEA org)
RE: Bitlocker without PIN Feb 24 2011 09:33PM
Per Thorsheim (putilutt online no)
RE: Bitlocker without PIN Feb 24 2011 08:37PM
John Lightfoot (jlightfoot gmail com) (2 replies)
RE: Bitlocker without PIN Feb 24 2011 10:42PM
Per Thorsheim (putilutt online no) (1 replies)
RE: Bitlocker without PIN Feb 25 2011 03:02AM
Thor (Hammer of God) (thor hammerofgod com)
RE: Bitlocker without PIN Feb 24 2011 09:25PM
Thor (Hammer of God) (thor hammerofgod com) (2 replies)
Re: Bitlocker without PIN Feb 24 2011 10:18PM
Susan Bradley (sbradcpa pacbell net) (1 replies)
RE: Bitlocker without PIN Feb 25 2011 03:41PM
Jim Harrison (Jim isatools org) (2 replies)
Re: Bitlocker without PIN Mar 04 2011 06:20PM
Susan Bradley (sbradcpa pacbell net)
RE: Bitlocker without PIN Feb 25 2011 06:01PM
Per Thorsheim (putilutt online no)
AND laptops also have an pcmcia/expresscard slot, where you can insert a
Firewire adapter as well.

Along with Apple and their upgraded Macbook Pro comes "Thunderbolt",
also known as "Light Peak". A new, better and faster way of connecting
peripherals. And discussions are already up, with concerns of the same
type of attack being possible against Thunerbolt as with Firewire.

Again we're back to the risk analysis - since nothing is 100% secure.

Best regards,
Per Thorsheim
http://securitynirvana.blogspot.com/

On Fri, 2011-02-25 at 15:41 +0000, Jim Harrison wrote:
> ..a lot more than you might think include Firewire ports - the word "commodity" comes to mind.
> Even my Lenovo netbook has one and pretty much any desktop/workstation includes at least one Firewire port (they're very popular with digital musicians / producers, etc.).
>
> The biggest problem with most M-L orgs is that they tend to standardize their hardware before anyone has done any threat modeling (assuming that happens at all).
> You'd have to issue a pretty big PO before most computer mfr would be willing to tweak the hardware options that much.
>
> Jim
>
> -----Original Message-----
> From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Susan Bradley
> Sent: Thursday, February 24, 2011 2:19 PM
> To: focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: Re: Bitlocker without PIN
>
> How many laptops are sold with firewire ports?
>
> Wouldn't one mitigation technique for a prudent CTO/CIO would be to spec all laptops without that?

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEABECAAYFAk1n7nsACgkQsXl+Y9DQrvbxWgCePriS6kq4otY4BeTf/QUTziL/
0M8AoKJAuPvPu2SXSN7O2BOtzyTnvHxw
=yuuo
-----END PGP SIGNATURE-----

[ reply ]
RE: Bitlocker without PIN Feb 24 2011 09:42PM
Per Thorsheim (putilutt online no)


 

Privacy Statement
Copyright 2010, SecurityFocus