Firewire-based physical security attacks on Windows 7, EFS and BitLocker

This paper discusses Firewire-based physical security attacks on Microsoft Windows 7. In the course of his research, the author was successfully able to bypass the Windows 7 RTM authentication check and logon with any password.

While the attack vector itself is not new, he also describes the impact of Firewire-based Windows authentication bypassing on Microsoft’s full-disk encryption solution BitLocker, the Windows Encrypted File System (EFS) and Windows domains. A comprehensive section on countermeasures on different layers concludes the paper.

Download the paper in PDF format here.

For more information on Windows 7 security, read our interview with Paul Cooke, Director of Windows Product Management at Microsoft.