Thunderbolt Vulnerabilities Leave Computers Wide-Open, Researchers Find – slashdot.org

Thunderbolt Vulnerabilities Leave Computers Wide-Open, Researchers Find - slashdot.org

Thunderbolt Vulnerabilities Leave Computers Wide-Open, Researchers Find - slashdot.org

Be sure that you trust the USB-C device that you plug into the Thunderbolt port on your brand new computer.

In order to achieve the high-throughput speeds available with Thunderbolt, the security model of USB-A and USB-B was side-stepped.  This side-step allows for an order magnitude faster transfer rates.  The big caveat is the security is lowered on the USB-C devices, so you really should be cautious.

Don't plug in just any old USB-C device that you find laying around, especially in a public setting or work setting.

The vulnerability allows remote users to log your keystrokes and execute programs on your system without your knowledge, at the same time you are using your MacBook.

--------------------

USB-C, tho, is an awesome technology for transferring data.  It's the cornerstone of Virtual Reality (VR) headsets, such as the Oculus Rift or Samsung Vive.  It also provides superior flash drive storage use, by allowing SanDisk and Samsung to be able to have micro-USB cards of 256 GB - 2 TB in size, for an object that is smaller than your thumbnail.

[amazon_link asins='B0758NHWS8,B072HRDM55,B07857Y17V,B06X1CSCZB,B01E17LOL6,B00SQ5WCQ6,B00TYK7HH6' template='ProductCarousel' store='us-1' marketplace='US' link_id='686f2784-020e-4dc1-96de-a07cca77ce25']

https://hardware.slashdot.org/story/19/02/27/0015214/thunderbolt-vulnerabilities-leave-computers-wide-open-researchers-find

Bismillah writes:

Researchers have published the results of exploring how vulnerable Thunderbolt is to DMA attacks, and the answer is "very." Be careful what you plug into that USB-C port. Yes, the set of vulnerabilities has a name: "Thunderclap".

"Thunderbolt, which is available through USB-C ports on modern laptops, provides low-level direct memory access (DMA) at much higher privilege levels than regular universal serial bus peripherals," reports ITNews, citing a paper published from a team of researchers from the University of Cambridge, Rice University and SRI International. "This opens up laptops, desktops, and servers with Thunderbolt input/output ports and PCI-Express connectors to attacks using malicious DMA-enabled peripherals. The main defense against the above attacks is the input-output memory management unit (IOMMU) that allows devices to access only the memory needed for the job to be done. Enabling the IOMMU to protect against DMA attacks comes at a high-performance cost, however. Most operating systems trade off security for performance gains, and disable the IOMMU by default."

"Apple's macOS uses the IOMMU, but even with the hardware defense enabled, the researchers were able to use a fake network card to read data traffic that is meant to be confined to the machine and never leave it," the report adds. "The network card was also able to run arbitrary programs at system administrator level on macOS and could read display contents from other Macs and keystrokes from a USB keyboard. Apple patched the vulnerability in macOS 10.12.4 that was released in 2016, but the researchers say the more general scope of such attacks remains relevant."

Thunderbolt is the brand name of a hardware interface developed by Intel (in collaboration with Apple) that allows the connection of external peripherals to a computer. Thunderbolt 1 and 2 use the same connector as Mini DisplayPort (MDP), whereas Thunderbolt 3 re-uses the Type-C connector from USB. It was initially developed and marketed under the name Light Peak, and first sold as part of a consumer product on 24 February 2011.[1]

Thunderbolt combines PCI Express (PCIe) and DisplayPort (DP) into two serial signals,[5] and additionally provides DC power, all in one cable. Up to six peripherals may be supported by one connector through various topologies.

https://en.wikipedia.org/wiki/Thunderbolt_(interface)

[siteorigin_widget class="SiteOrigin_Widget_Image_Widget"][/siteorigin_widget]
[siteorigin_widget class="SiteOrigin_Widget_Image_Widget"][/siteorigin_widget]
[siteorigin_widget class="SiteOrigin_Widget_Image_Widget"][/siteorigin_widget]