Mitigating attacks against FDE (BitLocker, TrueCrypt, etc) via Firewire, Thunderbolt, or DMA

Blocking the SBP-2 driver and Thunderbolt controllers to reduce 1394 DMA and Thunderbolt DMA threats to BitLocker

Good for versions of Windows including and after Vista and Server 2008.

Windows 8.1 (not 8.0) actually mitigates the attack out of the box now! See Choose the Right BitLocker Countermeasure on technet.microsoft.com (March 26, 2014).

Microsoft's site isn't the most clear since it tries to apply to many versions of Windows. The instructions actually have text that doesn't 100% match what your version of Windows may have.

Windows 7 Quick Start:

1. Run the program gpedit.msc
2. Local Computer Policy
3. Computer Configuration
4. Administrative Templates
5. System
6. Device Installation
7. Device Installation Restrictions
8. Prevent installation of devices using drivers that match these device setup classes
9. Enabled
10. Comment: https://support.microsoft.com/kb/2516445/
11. Show... (button inside Options: text box)
12. d48179be-ec20-11d1-b6b8-00c04fa372a7
13. Close the Show Contents window with OK
14. Scroll the Options: text area down until you see the checkbox option
15. Also apply to matching devices that are already installed.

• Enable TRIM/Discard on USB for Linux
• Router Forced TOR Access Point
• Python Pandas Excel Format Column Number Type
• VMConnect Hyper-V Custom Resolution Ubuntu
• Ubuntu VM with Enhanced Session Hyper-V with Sound

• Computer Problems
• Curriculum Vitae
• Free Stuff
• Games
• Misc
• Programming
• Security
• Tech Tricks