Thunderbolt flaw exposes millions of PCs to attack


The good news is that attackers need five minutes with your physical hardware to do it. If your system is found to be at risk, all you can really do is follow the best-practice advice of not leaving your computer unattended.

Some systems manufactured in 2019 with Kernel direct memory access (DMA) Protection, however, are safeguarded against Thunderspy attacks, but only partially.

Thunderspy is the name given to the attack by the researcher Björn Ruytenberg, from the Technical University of Eindhoven. Computers running Windows or Linux from before 2019 (and many later ones) have a vulnerability that allows an attacker to skip the computer's login screen, and even hard drive encryption, to access the data.

According to Ruytenberg, the Thunderspy technique (demonstrated in this video) only requires circa $400 worth of equipment, which can be used to rewrite the Thunderbolt controller's firmware and override security mechanisms. Using this, hackers can bypass any software-based security restriction on your device and, in turn, gain access to all the data on your computer.

The researcher claims the only way to remedy the flaw - which he refers to as Thunderspy - is to completely disable the Thunderbolt port through the computer's BIOS.


In a blog post responding to the report, Intel claims the underlying vulnerability is not new and that it was addressed in versions of the operating system a year ago.

At the time, it was advised that those with the port enabled should set its security levels so that unknown devices trying to access the computer would be blocked.

Granted, you need physical access to the PC or laptop, but Thunderbolt has been exposed as vulnerable; in fact, I need to restate that: it has seven vulnerabilities. A remedy offered by the company included a patch known as Kernel DMA Protection that protects laptops from some of the vulnerabilities.
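On Linux, the two settings mentioned above, the Thunderbolt security level and Kernel DMA Protection, can be read from the thunderbolt driver's sysfs attributes. The script below is an added example, not part of the original article or of Spycheck; it reports the settings only and does not decide whether a machine is vulnerable to Thunderspy. The function names and status labels are this example's own.

```python
#!/usr/bin/env python3
"""Report Thunderbolt security level and IOMMU DMA protection from Linux sysfs."""
import sys
from pathlib import Path

SYSFS_TB = Path("/sys/bus/thunderbolt/devices")   # Linux thunderbolt driver
NO_PCIE = {"dponly", "usbonly", "nopcie"}          # PCIe tunneling is off
APPROVAL = {"user", "secure"}                      # devices need authorization


def read_attr(path):
    """Return a sysfs attribute as stripped text, or None if absent/unreadable."""
    try:
        return path.read_text().strip()
    except OSError:
        return None


def classify(level, iommu):
    """Map the two settings to a status label (labels are this example's own)."""
    if level in NO_PCIE:
        return "pcie-disabled"
    if iommu == "1":
        return "dma-protected"
    if level in APPROVAL:
        return "approval-only"      # no IOMMU backstop behind the security level
    if level == "none":
        return "open"               # any attached device is connected automatically
    return "unknown"


def audit_domains(root=SYSFS_TB):
    """Return one finding per Thunderbolt domain found under root."""
    findings = []
    for dom in sorted(Path(root).glob("domain*")):
        level = read_attr(dom / "security")
        iommu = read_attr(dom / "iommu_dma_protection")  # absent on old kernels
        findings.append({"domain": dom.name, "security": level,
                         "iommu_dma_protection": iommu,
                         "status": classify(level, iommu)})
    return findings


if __name__ == "__main__":
    results = audit_domains()
    if not results:
        print("no Thunderbolt domains found under sysfs")
    for f in results:
        print("{domain}: security={security} iommu_dma_protection="
              "{iommu_dma_protection} -> {status}".format(**f))
    # Non-zero exit when a domain is open or relies on approval alone
    sys.exit(1 if any(f["status"] in ("open", "approval-only") for f in results) else 0)
```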

ZDNet listed those models as "HP EliteBook and ZBook 2019 and later, Lenovo ThinkPad P53 and X1 Carbon 2019 and later, and the Lenovo Yoga C940, if it shipped with Intel's Ice Lake CPU". Maybe most worryingly, the researcher says the failings can't be patched in software, and that a redesign will be needed to completely fix the problems. However, the second protection measure remains functioning and hence prevents any further impact on victim system security via DMA.

Thunderbolt ports look like regular USB-C or Mini DisplayPort ports, except they've got a little lightning bolt printed next to the port instead of or alongside the regular USB or display symbols.

In a response, Apple said: "Some of the hardware security features you outlined are only available when users run macOS".

Users are therefore strongly encouraged to determine whether they are affected using Spycheck, a free and open-source tool we have developed that verifies whether their systems are vulnerable to Thunderspy.
