Thunderbolt has seven vulnerabilities that cannot be patched on older PCs and Laptops
Click here to post a comment for Thunderbolt has seven vulnerabilities that cannot be patched on older PCs and Laptops on our message forum
DeskStar
Daaaaaaaaaaaamn. Glad it needs to be accessed locally from the actual machine. Just a bit more security issue icing on the cake for Intel....
Wonder if this is something that will effect my eventual purchase of my thunderbolt AIC for my tRX40 Aorus Xtreme? Not like someone is going to go out of their own way to come into my house and grab my not so sensitive data...
You have a better chance if any (good luck) to get through the network first at my place. Otherwise peeps would be met with a 12 GAUGE or a .45 to the face.
The Goose
Oh, yeah i need to take a dump too lol.
tsunami231
I dare some security firm and who ever else is purposely look for flaws to out go take intels 286/386/486 cpu along with amd first offering and look for flaws in them too....
Instead of Witch Hunts we have Flaw hunts. I have seen or heard of some many "flaws" and "security" holes in computer tech as I have in past few years since meltdown and spectre started all this
barbacot
Yeah, right...
Five minutes AND A SCREWDRIVER and I can steal you hdd and key your display with a message that I was there...
It is a capital rule in it security to not allow unsupervised physical access no matter how secure are the systems - even without this "vulnerability".
Reddoguk
Omg that's shocking ^^. Although i have no idea what a Thunderbolt even is. It's either a thunder clap or a lightning bolt.
barbacot
schmidtbag
Doesn't TB have direct PCIe access? I thought it was obvious from day 1 that it had security vulnerabilities.
Regardless, I'm getting rather bored of these "physical access vulnerabilities". They're meaningless and distracting us from the more severe remote-access threats.
Fender178
Heh another useless vulnerability because the hacker would have to steal the laptop to be able to use it. It's much more simple to steal a hard drive/SSD
Exactly. It's like that case fan vulnerability which hackers can use for something but the data transfer rate is so slow it's even worth doing.
Texter
HeavyHemi
No really....
Thunderbolt Security Issues
Thread starter PabloGS
Start date Feb 25, 2011
Figuring out yet another way is not really new news. It's just a variant on the same old, same old.
Venix
A lot of people at the office go to launch using their laptops etc completely unsupervised... They will also pick a flash drive they found on the road to see what .... TREASURE they found .... I guess the biggest security issue is the people first!
Reddoguk
They ripped the name from a Queen song, lawsuit inc^^......
dragonlord
So, Microsoft was right about TB being vulnerable -- which is why they stated a little while ago that they weren't using TB in the Surface products. Good on them!
alanm
Thunderbolt vulnerability is irrelevant compared to what can be done to your PC by someone with 5 min and a screwdriver.
Fox2232
Well, idea is to bypass physical security. (Business use cases have drives encrypted, therefore eliminating user login without need to shut down laptop is serious.)
Would it require shutdown of laptop, then he would not get through boot encryption.
It definitely has its uses.
But if he could do it without actually accessing flash for thunderbolt by connecting external device to TB port, that would have been really serious problem.
@alanm : Like nothing? Those hacks are not for purpose of unlocking laptop belonging to your wife. It is to steal PI/SPI and business secrets.
And those who have such data on mobile device have it encrypted. If not, then company enabling employee to use such insecure storage method gets what it deserves.
0blivious
This seems to be one of those flaws that you would have to be specifically targeted for. The equipment required to do this isn't cheap and the opportunity to do so requires alone time with the device.
This is a problem for businesses and governments but for the average person, this flaw appears trivial at best.
Picolete
Lol, a couple of years ago i said this will happend, similar problems to what firewire had