> I've never heard of Windows being compromised via the serial port!
As a point of order: serial port exploits exist for other OSes (Linux, Juniper, Cisco, APC...) and also for windows virtual com ports so whilst probably not trivial it's not entirely infeasible either.
Oh, nothing's infeasible, but the decision was made (not by me, tho' I agreed with it) to use an OS that didn't even offer a shell on COM1 at all. We could have used MacOS 7.5 equally well. The serial handling was raw; the worst thing that could happen (we believed) was that the process could be crashed by an attacker, at which point the port would just go dead and need a human to restart it, but there was no way to get sufficient control to do anything with the ISDN line (and even if there were, there was more security on the other side).
As a point of order: serial port exploits exist for other OSes (Linux, Juniper, Cisco, APC...) and also for windows virtual com ports so whilst probably not trivial it's not entirely infeasible either.