Firewire-Based Physical Security Attacks on Windows 7, EFS and BitLocker
This paper discusses Firewire-based physical security attacks on Microsoft Windows 7. In the course of research, it was successfully able to bypass the Windows 7 RTM authentication check and logon with any password. While the attack vector itself is not new, also it describes the impact of Firewire-based Windows authentication bypassing on Microsoft's full-disk encryption solution BitLocker, the Windows Encrypted File System (EFS) and Windows domains. A comprehensive section on countermeasures on different layers concludes this paper.