Thunderstruck by Steve'n'Seagulls (LIVE)
Posted on 05/11/2020 9:07:49 AM PDT by Swordmaker
Thunderbolt vulnerabilities can let attacker with physical access steal data from memory and encrypted drives.
A Dutch researcher has detailed nine attack scenarios that work against all computers with Thunderbolt shipped since 2011 and which allow an attacker with physical access to quickly steal data from encrypted drives and memory.
Researcher Björn Ruytenberg detailed the so-called Thunderspy attacks in a report published on Sunday, warning that the attacks work even when users follow security best practice, such as locking an unattended computer, setting up Secure Boot, using strong BIOS and operating system account passwords, and enabling full disk encryption.
Microsoft to apply California's privacy law for all US users Mind-reading technology: The security and privacy threats ahead How to replace each Google service with a more privacy-friendly alternative
Microsoft was sufficiently concerned about the vulnerability of Thunderbolt 3 to Direct Memory Access (DMA) attacks that it opted against including it in its Surface devices. Some Windows 10 OEMs have adopted Thunderbolt, while all Apple Mac computers since 2011 include Thunderbolt.
(Excerpt) Read more at zdnet.com ...
Oh dear, another panic. Whatever shall I do? /sarc
This stuff is becoming a cliche.
Maybe we need a keyword for computer clickbait, eh?
+1
This has been another Intel (they designed it) security issue for some time. The OEM’s (Dell, HP, Lenovo) all run bios/uefi security settings that you can enforce for thunderbolt. It’s hilarious that for once Microsoft comes down on the secure side of this. I firmly believe they only bailed on using it for the Surface line because they didn’t want to pay the licensing fees.
You can run bitlocker @256bit or Apple encryption, but I believe what they are concerned about is being able to intercept it by spoofing an approved hardware address (on the bus), just as your machine could send data freely to another authenticated device over thunderbolt.
I’m sure Intel will issue patched microcode to the OEM’s within a few weeks to address it.
gets into our telecomm rooms without approval from me or someone in my chain-of-command. I don’t care what they say or who they claim to be
Other then our tool belts we could have been someone off the street. It amazing where you could go by just wearing a tool belt and carrying a clipboard with a work order
-------Good one. . . Perhaps it was already taken.
Try this. Thunderstruck 2 cellos
I looked at the details.
Someone needs to physically at your computer to even try to implement it.
Ms Kimber doesn’t let strangers in my home.
Thunderbolt 3 is an extension to the PCI-e bus.
Imagine a expansion slot in your PC, shrank down to a very small connector.
Just about anything which can be placed in an expansion slot, can be placed on Thunderbolt 3.
A subset of that is USB-c, which I use to drive my monitor, keyboard and mouse.
The advantage is its ONE cable instead of 3-10.
Wise security practice, you don’t go plugging thumb drives into a USB port unless you know exactly what is on it.
Kind of like sharing condoms....not a good idea and more than a bit icky!
LOL!!
So all that needs to occur is a wireless-commo’d device plugged into the T-Bolt USB-C? Hack the device into the puter?
Thunderbolt? I remember it as a neo-Nazi newspaper in the ‘70s.
According to the article the problem is in the hardware and no software fix can fix it without a complete redesign of the silicon. Perhaps that’s true, perhaps not.
Awesome!
Thanks for the ping, but the closest app to Thunderbolt that I have is Thunderbird.
So I also heard that Lenovo received flawed thunderbolt controllers for nearly their entire laptop line. I think the issues go really deep with Intel’s architecture.
Ala Mission Impossible. The IMF force operative just walked down the hall, opened the equipment door and there was the building’s phone patch panel, no matter how secure the facilities were supposed to be, hook in a few alligator clips, hook up to his fancy gadgets, and they were in, ready for spoofing the bad guys! LOL!
Yep. It's a problem when telecomm racks are in a large I.T. computer facility with a mix of other computers. One time I was working on an important project for a major police department, and needed to test connectivity to remote police stations. The router manager was an ah*le and refused to allow me the connectivity through his routers (I was the former router manager several guys before him and knew what I was doing). I and another guy on my team pulled the floor tiles, and pulled cables between our equipment and outgoing equipment, completely bypassing the highly-secured routers. We did our testing, then removed the cables, no one the wiser. Enough knowledge and you can get around security.
That router guy was later fired, and jailed, for refusing access needed by police brass and mayor's office. Too anal!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
