“You can completely own any box whose Firewire port you can plug into in seconds”
March 6, 2008
On Monday, security researcher Adam Boileau released “winlockpwn”, a tool he first demonstrated at a security conference in Sydney in 2006. It enables complete access to a computer through the Firewire port. The vulnerability affects not only Windows, as is being widely reported, but also Linux, Mac OS X, and BSD Unix. On his website, Boileau says, “…it’s a feature, not a bug. It’s the Fire in Firewire. Yes, I know this, Microsoft know this. The OHCI-1394 spec knows this. People with firewire ports generally don’t.”
The tool runs on a Linux-based computer that is attached to the target computer via Firewire. Once connected, all passwords and logins can be reset by the hacker within a few seconds. With read and write access to memory, the hacker could then do pretty much anything, from installing malicious code to copying files, or even removing the computer to another location to examine at their leisure.
Paul Ducklin, of security company Sophos, offers the only protection against someone misusing this feature: “If you have a Firewire port, disable it when you aren’t using it. That way, if someone does plug into your port unexpectedly, your side of the Firewire link is dead, so they can’t interact with your PC, legitimately or otherwise.”

