I'm not a security expert... but I'd love to hear from one about this. I know the old rule about physical access means your computer is pretty much 0wned already, but this seems to make it phenomenally easy.... especially considering this statement:
As of version 0.2.0, it is able to unlock Windows 8 SP0, Windows 7 SP0-1, Vista SP0 and SP2, Windows XP SP2-3, Mac OS X Snow Leopard, Lion and Mountain Lion, Ubuntu 11.04, 11.10 and 12.04 x86 and x64-bit machines. Signatures are added by request. <--- Basically these are the OS's we've done so far, many more to come!
tl; dr; Can we get a security wizard's input on this tool?
This is not a Firewire specific thing either, even much newer versions of these types of DMA access channels (like Thunderbolt) suffer from the same problems in most implementations.
While this isn't a new thing, having an easily available all-in-one tool like this (assuming it works, I haven't tested it personally) is a bit of a "Firesheep" moment in that it could bring what was always possible but kind of geeky-hard to the masses in one easy to use tool, which could wreak a lot of havoc.
Ever since the PS3 was hacked with a USB device causing a buffer overflow in the USB driver, I've been wondering how long it would be before someone discovered PCs were vulnerable to something similar. This just goes to show that security experts need to be involved in more aspects of hardware design.
As of version 0.2.0, it is able to unlock Windows 8 SP0, Windows 7 SP0-1, Vista SP0 and SP2, Windows XP SP2-3, Mac OS X Snow Leopard, Lion and Mountain Lion, Ubuntu 11.04, 11.10 and 12.04 x86 and x64-bit machines. Signatures are added by request. <--- Basically these are the OS's we've done so far, many more to come!
tl; dr; Can we get a security wizard's input on this tool?