Hacker Shows Us How to Unlock a Laptop Using an NSA Tool [video](motherboard.vice.com)
Of course, using an Apple laptop to demo this makes a lot of sense: they are popular, almost ubiquitous, and they provide an external vector to full, direct memory access. But I don't think the scare factor holds up on a non-Apple device.
Even so, neither ExpressCard nor internal PCIe is used for generic, everyday connectivity (like projectors / external screens). Thunderbolt on Apple laptops is marketed to be used for those.
USB 3.1 allows for compatibility with TB under certain configurations; it also has DMA and PCIe pass-through on its own.
FireWire had this issue, so did ExpressCard, heck, even if you don't have TB, ExpressCard or any other PCIe external interface.
Open the laptop and either find an empty microPCIe slot or pull out the wireless card; there is some risk of a BSOD, but it works in many cases, and voilà, you have DMA.
That said, both Intel and AMD do have ways of encrypting memory regions which can prevent DMA attacks.
Windows 10 has DMA port protection, which enables the OS to restrict DMA access from external ports; this is available from build 1507, but I'm not sure if it's enabled by default.
Edit: looks like this is enabled by default when BitLocker is enabled on recent builds.