The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Thunderbolt ports vulnerable to hands-on hacks

2020-05-12 17:51 by
Tags: ,

 

Security researcher Björn Ruytenberg with the Eindhoven University of Technology recently published a report detailing a series of serious security vulnerabilities in Thunderbolt 2 and Thunderbolt 3, collectively called "Thunderspy."

The attack specifically targets Thunderbolt technology, which is a hardware interface developed by Intel (in collaboration with Apple) that allows users to consolidate data transfer, charging and video peripherals into a single connector. While Apple first introduced Thunderbolt ports on its MacBook Pro in 2011, the technology has also been widely adopted with varying PCs such as Dell, HP and Lenovo. The vulnerabilities are present in all machines with Thunderbolt/Thunderbolt-compatible USB-C ports shipped between 2011 and 2020.

Although hackers need physical access to a Windows or Linux computer to exploit the flaws, they could theoretically gain access to all data in about five minutes even if the laptop is locked, password protected, and has an encrypted hard drive. The entire process can reportedly be completed with a series of off-the-shelf components costing just a few hundred dollars. Perhaps most worryingly, the researcher says the flaws cannot be patched in software, and that a hardware redesign will be needed to completely fix the issues.

Ultimately, Ruytenberg says that the only way for users to fully prevent against such an attack is for them to disable their computer's Thunderbolt ports in their machine's BIOS, enable hard drive encryption, and turn off their computer when leaving it unattended.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About