Thunderspy: Intel Thunderbolt Flaw Allows Access to PC's Data Within Minutes

Red Falcon

[H]ard DCOTM December 2023
Joined
May 7, 2007
Messages
12,381
Apparently, this flaw effects both Intel PCs and Macs with Thunderbolt 2 and 3, via Windows, Linux, and MacOS, ranging from 2011-2019.
The one saving grace is that it requires physical access to the system, but that doesn't help a computer that is stolen, even if it is password-protected.

https://www.theverge.com/2020/5/11/...ty-thunderspy-encryption-access-intel-laptops

https://www.wired.com/story/thunderspy-thunderbolt-evil-maid-hacking/

https://www.macworld.com/article/35...nd-in-macs-and-pcs-should-you-be-worried.html

https://appleinsider.com/articles/2...d-by-unpatchable-thunderbolt-security-exploit

 
This is a none issue. Not only you need physical access you damn well need to nearly take the whole system apart.
For home users, perhaps, but in an enterprise, this will quickly become an issue.
 
  • Like
Reactions: N4CR
like this
If you allowing anyone to run modified firmware on your enterprise devices, you have bigger issues.
I don't think it is so much about "allowing" them to do it as much as a malicious party doing so of their own free will without the knowledge of said enterprise.
I know where you are coming from, though, and agree.
 
  • Like
Reactions: N4CR
like this
'They' say ...

If your PC data is stolen it's YOUR fault
If someone steals your ID it's YOUR fault
If someone steals your credit card # its YOUR fault

Then 'They' say you need to spend YOUR $$$ to get 'security protection'

It's never 'Their' fault because 'they're fear the People figuring out the truth of the matter.

Has to do with banks, power, control
 
Apparently, this flaw effects both Intel PCs and Macs with Thunderbolt 2 and 3, via Windows, Linux, and MacOS, ranging from 2011-2019.
The one saving grace is that it requires physical access to the system, but that doesn't help a computer that is stolen, even if it is password-protected.

https://www.theverge.com/2020/5/11/...ty-thunderspy-encryption-access-intel-laptops

https://www.wired.com/story/thunderspy-thunderbolt-evil-maid-hacking/

https://www.macworld.com/article/35...nd-in-macs-and-pcs-should-you-be-worried.html

https://appleinsider.com/articles/2...d-by-unpatchable-thunderbolt-security-exploit





From the wired link:
"Computers running Apple's MacOS are unaffected."

If you are actually worried about this one on your Windows PC, disable your Thunderbolt port.
 
AMD boys must be glad they don't have

007 spectre
007 meltdown
007 thunderspy

trilogies
 
From the wired link:
"Computers running Apple's MacOS are unaffected."
Nice, that is a bit of good news.

If you are actually worried about this one on your Windows PC, disable your Thunderbolt port.
Almost all modern docks use Thunderbolt, so in many enterprises and situations, that isn't going to be an easy option.
 
Back
Top