Researcher Finds 7 Vulnerabilities in Intel Thunderbolt Chips

Intel Thunderspy attack

There is more to the Thunderbolt port-related vulnerability.

The attack, known as Thunderspy, exploits vulnerabilities present in Thunderbolt 1, 2, and 3 and it works on any Windows or Linux computer with Thunderbolt ports sold before 2019. That bad actor now has full access to the computer.

The video included in the report demonstrates how an attacker could take advantage of the vulnerability.

All Thunderbolt port attacks, including those associated with Thunderspy, require physical access, meaning the hacker must have your laptop or desktop in their hands to successfully complete the strike.

Researchers have uncovered a flaw in Intel's Thunderbolt port that jeopardises the security of millions of laptops manufactured before 2019. This in order to get access to your system, past the defenses that Intel had set up for your protection.

"While the underlying vulnerability is not new and was addressed in operating system releases a year ago, the researchers demonstrated new potential physical attack vectors using a customized peripheral device on systems that did not have these mitigations enabled", Bryant said on the blog Sunday.

"Despite our repeated efforts, the rationale to Intel's decision not to mitigate the Thunderspy vulnerabilities on in-market systems remains unknown". The Thunderspy vulnerabilities cannot be fixed in software, impact future standards such as USB 4 and Thunderbolt 4, and will require a silicon redesign.

Ruytenberg claims to have found more potential vulnerabilities in the Thunderbolt protocol, which are now part of ongoing research and are expected to be revealed soon as 'Thunderspy 2'.

Ruytenberg said he found seven vulnerabilities in Intel's design for the port, with nine different realistic scenarios for accessing a computer's data, collectively referred to as Thunderspy. There is some level of authentication between devices and the computer but if an attacker is able to make his own malicious device look like a trusted Thunderbolt device, as Ruytenberg has shown he can do, then he's in business. They've chosen a method that's cloneable. "The little I found I could easily break or bypass", he said.

"That could be your laptop or it could be your docking station or anything else".

For the purposes of the demonstration, he used about $400 worth of equipment, including an SPI programmer device with an SOP8 clip.

Intel also stressed that the most widely used operating systems have all introduced Kernel Direct Memory Access (DMA) protection to shield against attacks such as this. Here's how to check to see if your machine has Kernel DMA Protection.
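One way to run that check on a Linux machine, as an added example that is not part of the original article or the researcher's tooling: the kernel's thunderbolt driver exposes each domain's `security` level and `iommu_dma_protection` flag under `/sys/bus/thunderbolt/devices`. The verdict labels and the sample tree below are constructed for illustration.

```python
"""Audit Linux Thunderbolt domains for DMA exposure (added example)."""
import tempfile
from pathlib import Path

# Security levels under which the driver creates no PCIe tunnels at all.
NO_PCIE_LEVELS = {"dponly", "usbonly", "nopcie"}


def read_attr(path):
    """Return a sysfs attribute's stripped text, or None if it is absent."""
    try:
        return path.read_text().strip()
    except OSError:
        return None


def audit_domains(devices_dir="/sys/bus/thunderbolt/devices"):
    """Map each Thunderbolt domain to (security_level, iommu_flag, verdict)."""
    report = {}
    for domain in sorted(Path(devices_dir).glob("domain*")):
        level = read_attr(domain / "security")
        iommu = read_attr(domain / "iommu_dma_protection")
        if iommu == "1":
            verdict = "iommu-protected"  # firmware enabled IOMMU DMA remapping
        elif level in NO_PCIE_LEVELS:
            verdict = "pcie-disabled"  # no PCIe tunnel, so no Thunderbolt DMA path
        else:
            verdict = "relies-on-security-level"  # none/user/secure, no IOMMU
        report[domain.name] = (level, iommu, verdict)
    return report


def build_sample_tree(root):
    """Constructed sysfs-like tree so the example runs on any machine."""
    samples = {"domain0": ("user", "0"), "domain1": ("secure", "1"),
               "domain2": ("dponly", None)}
    for name, (level, iommu) in samples.items():
        d = Path(root) / name
        d.mkdir(parents=True)
        (d / "security").write_text(level + "\n")
        if iommu is not None:  # older kernels lack this attribute
            (d / "iommu_dma_protection").write_text(iommu + "\n")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for name, row in audit_domains(build_sample_tree(tmp)).items():
            print(name, *row)
```

Calling `audit_domains()` with no argument reads the live sysfs tree. On Windows the equivalent status is the "Kernel DMA Protection" line in System Information (`msinfo32`).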

"They need to change the silicon to only run signed code and that's not a simple thing."

"All Thunderbolt-equipped systems shipped between 2011-2020 are vulnerable", Ruytenberg continued, adding that the flaws can only be completely mitigated by redesigning and replacing the chips involved.

Many other PCs also have Thunderbolt capabilities.

Only devices with Thunderbolt connectivity are vulnerable to these attacks. To work around the shortcomings on vulnerable systems, it's recommended you "ensure appropriate physical security when storing your system and any Thunderbolt devices, including Thunderbolt-powered displays", and "consider using hibernation (Suspend-to-Disk) or powering off the system completely". Finally, Thunderspy demonstrates the ability to permanently disable Thunderbolt security and block all future firmware updates. Intel, Apple and 11 OEMs/ODMs and the Linux kernel security team have been notified about the problems.
