Thunderbolt Flaw Lets Hackers Steal Your Data in 'Five Minutes'

by martyb from SoylentNews on (#53AX2)

upstart writes in with an IRC submission for TurkeyWaddle:

Thunderbolt flaw lets hackers steal your data in 'five minutes':

Attackers can steal data from Thunderbolt-equipped PCs or Linux computers, even if the computer is locked and the data encrypted, according to security researcher Bjorn Ruytenberg (via Wired). Using a relatively simple technique called "Thunderspy," someone with physical access to your machine could nab your data in just five minutes with a screwdriver and "easily portable hardware," he wrote.

Thunderbolt offers extremely fast transfer speeds by giving devices direct access to your PC's memory, which also creates a number of vulnerabilities. Researchers previously thought those weaknesses (dubbed Thunderclap) could be mitigated by disallowing access to untrusted devices or disabling Thunderbolt altogether but allowing DisplayPort and USB-C access.

However, Ruytenberg's attack method could get around even those settings by changing the firmware that controls the Thunderbolt port, allowing any device to access it. What's more, the hack leaves no trace, so the user would never know their PC was altered.

[...] The attack only requires about $400 worth of gear, including an SPI programmer and $200 Thunderbolt peripheral. The whole thing could be built into a single small device. "Three-letter agencies would have no problem miniaturizing this," Ruytenberg said.

Intel recently created a Thunderbolt security system called Kernel Direct Memory Access Protection that would stop Ruytenberg's Thunderspy attack. However, that protection is only available on computers made in 2019 and later, so it's lacking in any models manufactured prior to that. In addition, many PCs manufactured in 2019 and later from Dell, HP and Lenovo aren't protected, either. This vulnerability might explain why Microsoft didn't include Thunderbolt in its Surface laptops.

Apple computers running macOS are unaffected by the vulnerability unless you're running Boot Camp, according to Ruytenberg.

Intel's official response appears in this blog post.

See Spycheck to test if your system is vulnerable.
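
As a defender-side illustration of the two mitigations the story contrasts (port security settings versus Kernel DMA Protection), here is an added example that is not from the article, Intel, or Spycheck. It assumes a Linux host whose thunderbolt driver exposes the `security` and `iommu_dma_protection` attributes under `/sys/bus/thunderbolt/devices/domainN`; the function names and the sample tree are constructed for the demonstration.

```python
import tempfile
from pathlib import Path

# Values of the per-domain "security" attribute exposed by the Linux thunderbolt driver.
NO_PCIE = {"dponly", "usbonly", "nopcie"}   # PCIe tunnelling disabled
APPROVAL = {"user", "secure"}               # devices must be authorized first

def read_attr(path):
    """Return a sysfs attribute as stripped text, or None if it is absent."""
    try:
        return path.read_text().strip()
    except OSError:
        return None

def audit_thunderbolt(root="/sys/bus/thunderbolt/devices"):
    """Classify every Thunderbolt domain under root; returns a list of dicts."""
    results = []
    for dom in sorted(Path(root).glob("domain*")):
        level = read_attr(dom / "security")
        iommu = read_attr(dom / "iommu_dma_protection") == "1"
        if iommu:
            status, why = "protected", "IOMMU remaps DMA from Thunderbolt devices"
        elif level in NO_PCIE or level in APPROVAL:
            # The level is enforced by controller firmware, which the article
            # says Thunderspy rewrites, so it does not count as protection.
            status, why = "exposed", f"only firmware-enforced level '{level}'"
        else:
            status, why = "exposed", "no access control and no DMA protection"
        results.append({"domain": dom.name, "security": level,
                        "iommu": iommu, "status": status, "reason": why})
    return results

def build_sample_tree(base):
    """Constructed sysfs layout: three domains with different settings."""
    samples = {"domain0": ("secure", "0"), "domain1": ("user", "1"),
               "domain2": ("none", None)}
    for name, (level, iommu) in samples.items():
        d = Path(base) / name
        d.mkdir(parents=True)
        (d / "security").write_text(level + "\n")
        if iommu is not None:  # older kernels lack this attribute
            (d / "iommu_dma_protection").write_text(iommu + "\n")
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for row in audit_thunderbolt(build_sample_tree(tmp)):
            print(row)
```

On a real machine, call `audit_thunderbolt()` with no argument to read the live sysfs tree instead of the constructed one.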
