I got wind of this from Bruce Schneier’s Schneier on Security blog.
I’m primarily a PC user, and while I have machines with Firewire interfaces, I don’t have any devices that make use of them—I have lots of USB whatnots, though. According Wikipedia's Firewire entry one of the standard’s advantages over USB is that it has more capable interface hardware which can take the transfer management load off the CPU—perhaps SCSI vs. IDE is an apt analogy? I didn’t know is that these capabilities extend to DMA. This darkReading article sites an attack based on this feature, a Firewire device disabling a Windows machine’s password protection—Linux and OS X can be vulnerable as well.
The Wikipedia article reports that secure sites will either use machines that assign Firewire a virtual memory space (Power Mac G5's, Sun workstations), disable the hardware mapping between Firewire and memory, or not use Firewire at all.