There’s a new Thunderbolt bug, check if your computer is affected

kac77 · May 12, 2020

"Thunderbolt ports are present in machines with Windows, Linux, and macOS. So, that covers a lot of computers. Ruytenberg said all Thunderbolt versions and systems shipped between 2011 to 2020 are affected and no software patch can fix these vulnerabilities. So, Intel would need to redesign silicon in order to fix these flaws."

https://thenextweb.com/security/202...rbolt-bug-check-if-your-computer-is-affected/

auntjemima · May 12, 2020

An article with no evidence and more than half of the article pushes their program. Neat.

Zarathustra[H] · May 12, 2020

I don't think I own any machine with a Thunderbolt port.

Armenius · May 12, 2020

Someone beat you to it. By nine hours.
https://hardforum.com/threads/thund...ws-access-to-pcs-data-within-minutes.1996516/

kac77 · May 12, 2020

Armenius said:
Someone beat you to it. By nine hours.
https://hardforum.com/threads/thund...ws-access-to-pcs-data-within-minutes.1996516/

Not trying to create duplicates. So it can be deleted. Or locked I suppose.

BinarySynapse · May 12, 2020

Every single scenario in the white paper required disassembly of the victim's hardware to obtain access to the firmware. So it's not really a vulnerability..

Dead Parrot · May 12, 2020

So far, I haven't seen where a modified firmware can cause the compromised computer to try to phone home via a network. If that happens, then this could be a real concern. Until then, this is another of those interesting weaknesses with little practical concern for most of us.

One article did mention some concern this bug could migrate to USB4 ports if they implement Thunderbolt compatibility.

pendragon1 · May 12, 2020

kac77 said:
Not trying to create duplicates. So it can be deleted. Or locked I suppose.

you can do both with the edit button...

bigddybn · May 12, 2020

Yet another "letting bad guys have physical access to our hardware is bad" paper vulnerability.

bigddybn · May 12, 2020

A far less stupid article from the same website that your time would be better spent on. https://thenextweb.com/neural/2020/...op-makes-any-klutz-shoot-like-michael-jordan/

There’s a new Thunderbolt bug, check if your computer is affected

kac77

2[H]4U

auntjemima

[H]ard DCOTM x2

Zarathustra[H]

Extremely [H]

Armenius

Extremely [H]

kac77

2[H]4U

BinarySynapse

[H]F Junkie

Dead Parrot

2[H]4U

pendragon1

Extremely [H]

bigddybn

Supreme [H]ardness

bigddybn

Supreme [H]ardness