Shouldn't firewire target mode be password protected?

E

Essage

Member
I started up my powerbook with firewire target mode yesterday, and suddenly I realized that I had acces to all files on the powerbooks harddrive from the host computer, without any authentication!

Is it supposed to be like this, or have apple forgot something here?

I think you should have to enter the root-password to start up with firewire target mode, or at least autheticate with an admins id & pw.
 
Do you authenticate to plug an external HD in? No. FW Disk mode is acting just like an external HD, and is not even booting up any version of MacOS to do the work, all in OpenFirmware. (There is no root password IIRC, unless you enabled the account)

This is one of those times where you really can't stop someone from grabbing the data if they really want it... since they have physical access to the drive/machine in this situation.

Just make it so it can't turn on (no battery, no AC will do the trick) while you are away and they can't get at the data without cracking open the case.
 
I found something called Open Firmware Password. Guess it was what i was looking for.

http://docs.info.apple.com/article....Value=100&showSurvey=true&sessionID=anonymous|147961551

Apple:
"When security is enabled, all keys that affect the normal start up of the computer are disabled. For example, you cannot start the computer from the internal CD drive by holding down the C key. If you wish to use special key sequences to startup, you must disable your Firmware security by using the Open Firmware Password application.

You can, however, temporarily use a different startup disk if you hold down the Option key while the computer is turned on. You are asked to enter the security password. Once the password is entered correctly, you can select the icon of the disk you want to use."

But i think the files still is accessible by an unauthorized user if the harddrive is connected to another computer via ata-interface, but firewire target mode is now "password protected".
 
Yeah, that will protect FW disk mode, but then you have to boot into OF or MacOS X just to disable the security and use FW disk mode, then re-enable on the next boot. Time consuming to say the least.

As I said earlier, if they have physical access to your machine, they can get the data they want. Even this won't stop them from booting up the machine and accessing the drive that way (your home directory is protected unless they can nab an Admin's ID and password). They can also remove the drive, slap it in an enclosure and access ALL contents without the need for a password.

Best security is to prevent physical access to the machine, rather than locking down the machine in a fashion that just makes it a hassle for yourself.
 
You must log in or register to reply here.
Back
Top