Thunderclap Researchers Reveal Vulnerabilities Exploitable through Thunderbolt


(Josh Centers) #1

Originally published at: https://tidbits.com/2019/03/01/thunderclap-researchers-reveal-vulnerabilities-exploitable-through-thunderbolt/

A group of researchers has revealed a group of security vulnerabilities exploitable by merely plugging in a malicious Thunderbolt cable or peripheral.


(Al Varnell) #2

Similar issues concerning possible Thunderbolt and EFI attacks have been covered since at least 2015 as in https://trmm.net/Thunderstrike_2 and this 2017 article https://arstechnica.com/information-technology/2017/09/an-alarming-number-of-macs-remain-vulnerable-to-stealthy-firmware-hacks/.


(gastropod) #3

DMA attacks go back a long way and affect a lot of connection types. From wikipedia: FireWire, CardBus, ExpressCard, Thunderbolt, PCI, and PCI Express.

https://en.wikipedia.org/wiki/DMA_attack

The good part is that it requires physical access of some sort. The bad part is that it’s now comparatively easy to hide everything, including wi-fi data egress, in a normal looking cable.

A good rule of thumb is to not buy or use odd brand cables or cards, or to buy from places like amazon that are careless about mixing counterfeits in with genuine stuff.