Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking – locking unattended devices won't help

Discussion in 'other security issues & news' started by mood, May 10, 2020.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,807
    Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking
    The so-called Thunderspy attack takes less than five minutes to pull off with physical access to a device, and affects any PC manufactured before 2019
    May 10, 2020

    https://www.wired.com/story/thunderspy-thunderbolt-evil-maid-hacking/
    Thunderspy - When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,198
    Yeah, so epoxy everything except USB, and limit USB to at most v2 (but v1 is safer).
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,807
    Intel Confirms "Thunderspy" Risk in Thunderbolt Devices
    May 11, 2020
    https://www.cdrinfo.com/d7/content/intel-confirms-thunderspy-risk-thuerbolt-devices
    Intel: More Information on Thunderbolt(TM) Security
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,807
    Major Thunderbolt security flaws found, affect Macs shipped 2011-2020
    May 11, 2020
    https://9to5mac.com/2020/05/11/thunderbolt-security-flaws/
     
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,807
    Microsoft might have been right to skip Thunderbolt 3 (again) on the new Surface Book 3
    May 11, 2020
    https://www.notebookcheck.net/Micro...again-on-the-new-Surface-Book-3.464769.0.html
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,807
    Thunderspy: What it is, why it’s not scary, and what to do about it
    Evil maids can use the Thunderbolt port to access your computer; many restrictions apply
    May 12, 2020

    https://arstechnica.com/information...is-why-its-not-scary-and-what-to-do-about-it/
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.