Security Company Says Windows Firewire Hack Actually a Feature

A tool developed by Adam Boileau, a New Zealand security consultant with Immunity, can hack into a Windows computer in a matter of seconds via a connection made through a Firewire port. The hack dates back to 2006, but just recently Boileau has made the tool available to the public. However, what was initially interpreted as the exploit of security vulnerabilities in Windows and Mac OS X has nothing to do with the operating systems, and is essentially a feature of Firewire, revealed a member of security company Sophos.

"This isn't really a vulnerability or a bug. For better or for worse, it's a feature of the Firewire interface. Firewire supports what is called DMA (Direct Memory Access). This allows the Firewire hardware controller on your motherboard to read and write system memory directly, for flexibility and performance. It makes the Firewire interface great for high-bandwidth data capture, such as digital video, and it is also handy for remote system debugging and system forensics," revealed Paul Ducklin - Sophos Head of Technology, Asia Pacific.

The fact of the matter is that since this is neither a security vulnerability nor a bug, no operating system developer, including Microsoft, will be able to safeguard its users with a patch. Direct Memory Access essentially allows a hacker to bypass the operating system completely through a Firewire connection. But the good news in this context is that such a scenario would automatically involve physical access to a computer. This feature is not "exploitable" remotely.

"Microsoft has had a solution for years: if you have a Firewire port, disable the Firewire driver when you aren't using it. That way, if someone does plug into your port unexpectedly, they can't use it to interact with your PC, legitimately or otherwise. And look after your PC when it's unattended. A software lock on the keyboard and mouse provides some additional safety against fiddling, but it's not a proper security solution," Ducklin added.