Just a few week ago a TV leaked that show up a Microsoft employee talk about Microsoft ’s posture on Thunderbolt 3 – show that it was n’t being used on the Surface product because it was n’t considered good due to concerns about “ indirect computer storage access . ”
Now a security researcher from the Technical University of Eindhoven has detailed a number of serious security measures exposure in the Thunderbolt interface protocol developed together with by Intel and Apple .
Security researcher Björn Ruytenberg’sreportdetails the security vulnerabilities in Thunderbolt 2 and Thunderbolt 3 , get it on as “ Thunderspy ” .
The vulnerability affect any Windows , Linux , or macOS computer with a Thunderbolt 2 or Thunderbolt 3 larboard that was produced before 2019 .
Ruytenberg play up seven vulnerability :
According to Ruytenberg , the most up - to - date macOS is no protection . He explains that a hacker could use a Thunderbolt gadget ( which would cost a few hundred pound ) to imitate the security ID of your gadget and then use it to do port - found attacks .
The hacker would ask physical admission to your computer but would potentially be able to bypass password - protection and an encrypted hard drive .
fit in to Ruytenberg , the vulnerabilities can not be alone patched by software . A ironware redesign would be necessary to stamp them out .
Ruytenberg demonstrates how the attack exploit in a video . He absent the back of a Lenovo ThinPad laptop and connect his hacker hardware . This accoutrement deactivates the notebook ’s security barrier and logs in the hacker as if he had the parole for the protected hardware . The operation only take a few minutes .
Thunderspy is not the first security falling out security experts have discovered in Thunderbolt . In 2019 a gap was describe that allowed hackers to take over devices via USB - C or DisplayPort .
Are you at risk from Thunderspy?
As a Mac substance abuser should you be come to ? Not overly so .
One key reason not to be worried right now it that to gain accession to your Mac via the Thunderbolt larboard the criminally inclined motive to have access to your Mac for around five minutes and a Thunderbolt hacking machine . In the current place of being in lockdown it ’s improbable that anyone with malicious intent will gain access to your Mac . So there ’s no need to panic yet , but what about when we are allow to go and sit in a coffee shop while we make for or study ?
However , even those Mac user who are taking their Macs out of doors have no real reason for concern . For starters Macs are only part vulnerable to two of the vulnerabilities cite above :
There is an exclusion though : If you are running Windows or Linus via Boot Camp on your Mac then you ’re vulnerable to all of the vulnerabilities .
This is because when Mac user start Windows via Boot Camp the Thunderbolt controller is set to security grade “ none ” ( SLO ) . This means that the hacker ( with access and the ripe equipment ) could go around the lock cover and get at the depicted object of your RAM or hard drive .
How to protect yourself from Thunderbolt hacks
Ruytenberg alsorecommendsthat users :
Intel’s statement
In ablog post , Intel react to Thunderspy saying that the gap is not new . Intel claim that it had already solved the problem with the release of a new operating system last yr .
agree to Wired however , this kernel direct memory access code protection has not yet been implemented by all ironware manufacturers . Protection was not found in Dell equipment . Only a few Lenovo and HP laptops used it . According to Ruytenberg , the only way to protect yourself against Thunderspy attacks is to inactivate Thunderbolt in the BIOS .
Intel ’s financial statement : In 2019 , major operating systems implemented Kernel Direct Memory Access ( DMA ) security to mitigate against attacks such as these . This includes Windows ( Windows 10 1803 RS4 and later ) , Linux ( kernel 5.x and later ) , and MacOS ( MacOS 10.12.4 and afterward ) . The researchers did not certify successful DMA fire against organisation with these mitigations enable . Please contain with your system manufacturer to specify if your scheme has these mitigations incorporated . For all systems , we urge play along stock security measures practices , admit the use of only trusted peripherals and preventing unauthorised strong-arm admittance to computers .
Here ’s the tweet regarding Intel ’s determination not to use Thunderbolt
surface do n’t have Thunderbolt because its insecure ? pic.twitter.com/lb7YYOOQ4Y
If you are concerned in the state of Mac security you might be concerned to read the following :
Do Macs get virus and should I have antivirus software .
Complete list of all the Mac viruses , malware and security flaws .
Reviews of thebest Mac antivirus software system .
