Apple Readies Fix for Thunderstrike Bootkit Exploit

CommanderFrank · Jan 25, 2015

Apple is reported to be addressing the Thunderstrike bootkit exploit as reported by Google earlier this week. A patch has been spotted in the next version of Yosemite (OS X 10.10.2) as a beta, usually signaling that the fix is not too far behind.

"According to people with access to the latest beta of OS X 10.10.2 who are familiar with Thunderstrike and how it works, that's exactly the deep, layered process that's been completed."

Knight_of_BAAWA · Jan 25, 2015

A bootkit for a mac? NOWAI! Steve Jobs promised everyone that "it just works", so there could never ever never ever be any malware--let alone a bootkit--for a mac.

Rylan · Jan 25, 2015

In before Mac bashing!

Oh wait, nevermind.

Knight_of_BAAWA · Jan 25, 2015

Well, if the stupidly smug hipster asshole mac lusers weren't so smugly stupid, they wouldn't get as much shit as they do.

Pinski · Jan 25, 2015

This bootkit is awfully cool, and a problem with the fact that you have an externally accessible PCIe bus which allows you to have the system boot device firmware which can do just about anything.

Wonder if a similar bootkit can be done on non-apple motherboards that have thunderbolt.

evilsofa · Jan 25, 2015

This firmware bootkit requires physical ownership of the Mac, however briefly, because you need to plug a nefarious device into the Thunderbolt ports. The classic Hollywood style of hacking.

Pinski said:
This bootkit is awfully cool, and a problem with the fact that you have an externally accessible PCIe bus which allows you to have the system boot device firmware which can do just about anything.

When the enemy has physical ownership of your hardware, they can do just about anything to it. A Windows PC is no more secure than a Mac if a hacker has physical access to it.

Deleted whining member 223597 · Jan 25, 2015

Knight_of_BAAWA said:
Well, if the stupidly smug hipster asshole mac lusers weren't so smugly stupid, they wouldn't get as much shit as they do.

Tell us how you really feel.

hackztor · Jan 25, 2015

For home users ya not big, but for education could be a big issue. Physical access is easy on "public" lab machines that are throughout many schools.

evilsofa said:
This firmware bootkit requires physical ownership of the Mac, however briefly, because you need to plug a nefarious device into the Thunderbolt ports. The classic Hollywood style of hacking.

When the enemy has physical ownership of your hardware, they can do just about anything to it. A Windows PC is no more secure than a Mac if a hacker has physical access to it.

dasaint · Jan 26, 2015

mmmm with the way 10.10.0 and 10.10.1 have worked are they sure the OS isnt a Virus??? i had to backrev my macbook to 10.9.5 just to make the WIFI/Bluetooth work...

xJ321x · Jan 26, 2015

dasaint said:
mmmm with the way 10.10.0 and 10.10.1 have worked are they sure the OS isnt a Virus??? i had to backrev my macbook to 10.9.5 just to make the WIFI/Bluetooth work...

Not me so not a virus.

Apple Readies Fix for Thunderstrike Bootkit Exploit

CommanderFrank

Cat Can't Scratch It

Knight_of_BAAWA

Gawd

Rylan

Gawd

Knight_of_BAAWA

Gawd

Pinski

Limp Gawd

evilsofa

[H]F Junkie

Deleted whining member 223597

Guest

hackztor

Weaksauce

dasaint

[H]ard|Gawd

xJ321x

Limp Gawd