Add a Comment
Email This
Statistics
Thread parent sort order:
Thread verbosity:
2 Nerd-Its
RE: Maybe...
I didn't mean to get us hung up on the iPod aspect of it. Got it. However, the target disk mode is entirely relevant because it's been a long known way of externally accessing Macs for quite a while, and to protect against unauthorized access, many of the protections are at the firmware level. It sounds from the article like this attack goes right into the system without any firmware protection at all, and in fact, sounds like it uses that firmware. I'm just agog that given the well known capabilities of target disk mode that such an exploit was left open.
This comment has 2 replies.
RSS
RE: Maybe...
And again, the target disk mode has been around on the Mac for a long time, so it kind of bewilders me that this would pop up as a vulnerability on the PC after all this time.
Yes - but it has absolutely nothing to do with the target disk mode.
The iPod just presents itself as an easy device from which to start. But it's an attack vector that can be replicated using nothing more than a firewire cable, a PC board and an embedded microprocessor. There are any number of micro-PCs these days and laptops with firewire that would allow software to make use of in order to perform the hack. The iPod is just innocuous and fits in your pocket - walk up to a PC, plug it in, the Linux hack writes a virus/rootkit/etc onto the target, you unplug and walk away. Go home and hack it when they reconnect. THAT's the hack. It's not going up and using a disk like mode to read their data while they're not looking.
View Full Discussion