AND laptops also have an pcmcia/expresscard slot, where you can insert a
Firewire adapter as well.

Along with Apple and their upgraded Macbook Pro comes "Thunderbolt",
also known as "Light Peak". A new, better and faster way of connecting
peripherals. And discussions are already up, with concerns of the same
type of attack being possible against Thunerbolt as with Firewire.

Again we're back to the risk analysis - since nothing is 100% secure.

Best regards,
Per Thorsheim
http://securitynirvana.blogspot.com/

On Fri, 2011-02-25 at 15:41 +0000, Jim Harrison wrote:
> ..a lot more than you might think include Firewire ports - the word "commodity" comes to mind.
> Even my Lenovo netbook has one and pretty much any desktop/workstation includes at least one Firewire port (they're very popular with digital musicians / producers, etc.).
>
> The biggest problem with most M-L orgs is that they tend to standardize their hardware before anyone has done any threat modeling (assuming that happens at all).
> You'd have to issue a pretty big PO before most computer mfr would be willing to tweak the hardware options that much.
>
> Jim
>
> -----Original Message-----
> From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Susan Bradley
> Sent: Thursday, February 24, 2011 2:19 PM
> To: focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: Re: Bitlocker without PIN
>
> How many laptops are sold with firewire ports?
>
> Wouldn't one mitigation technique for a prudent CTO/CIO would be to spec all laptops without that?

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEABECAAYFAk1n7nsACgkQsXl+Y9DQrvbxWgCePriS6kq4otY4BeTf/QUTziL/
0M8AoKJAuPvPu2SXSN7O2BOtzyTnvHxw
=yuuo
-----END PGP SIGNATURE-----

[ reply ]