http://www.hermann-uwe.de/blog/physical ... mitigation
- read arbitrary RAM contents from the victim's system,
- overwrite arbitrary RAM contents with whatever you want,
- and perform many, many severe attacks based on the two issues above. Examples include grabbing a full RAM dump via Firewire (takes only a few minutes), grabbing ssh-agent keys, grabbing screen contents, modifying screen contents, bypassing login/password screens, and many, many more...
This also includes unlocking a locked windows machine.
I was a a DefCon group meeting and one of the guys told me there was a similar attack for unlocking a windows machine but with a USB stick. He was pretty adamant, but I don't think it is possible since I don't believe there is DMA with USB. Can someone shed some light on the subject. I am not talking about AutoRun.