Posted by: Ken Harthun
physical security, Security, Security best practice
From Wikipedia: “The IEEE-1394 interface, developed in late 1980s and early 1990s by Apple as FireWire, is a serial bus interface standard for high-speed communications and isochronous real-time data transfer. The 1394 interface is comparable with USB and often those two technologies are considered together, though USB has more market share.”
FireWire has some inherent security issues due its ability to communicate by direct memory access (DMA). In many implementations, this is done in hardware without direct operating system intervention which “can be a security or media rights-restriction risk if untrustworthy devices are attached to the bus.” What to do about it? From Wikipedia:
…high-security installations will typically either purchase newer machines which map a virtual memory space to the FireWire “Physical Memory Space” (such as a Power Mac G5, or any Sun workstation), disable relevant drivers at operating system level, disable the OHCI hardware mapping between FireWire and device memory, physically disable the entire FireWire interface, or opt not use FireWire hardware.
My simple take on it is that if you aren’t using it, disable it. Sure, a FireWire hack would require physical access to your system and isn’t a remote access threat. Nevertheless, it is a door and should be locked. You lock the doors to your house, don’t you?