using inception, its super easy to dump a Mac's ram through the DMA feature of FireWire. This includes plaintext login passwords. I tried it, i saw my password, i wept.
Next step? obliterate firewire.
First step, move the firewire kext folder to you home directory for a backup:
sudo mv /System/Library/Extensions/IOFireWireFamily.kext ~
then make a placeholder directory for kicks and fun
sudo mkdir /System/Library/Extensions/IOFireWireFamily.kext/
then boot the mac using a system disk to set an openfirmware password.
once you set the password, the attack kind of stops working.
woot.
No comments:
Post a Comment