dma attack - weakish/cheat GitHub Wiki

An attacker can penetrate a computer or other device, by exploiting the presence of high-speed expansion ports that permit Direct Memory Access ("DMA").

ports

Examples of connections that may allow DMA in some exploitable form include FireWire, ExpressCard, Thunderbolt, PCI and PCI Express.

mitigations

• Preventing physical connections to such ports will prevent DMA attacks.
• On many computers, the connections implementing DMA can also be disabled within the BIOS or UEFI if unused, which depending on the device can nullify or reduce the potential for this type of exploit.
• Recent versions of Microsoft Windows require drivers to be tested and digitally signed by Microsoft, and prevent any non-signed drivers from being installed.
• Recent Linux kernels include the option to disable DMA by Firewire devices while allowing other functions.
• Windows 8.1 can prevent access to DMA ports of an unattended machine if the console is locked.