Thunderspy: What it is, why it’s not scary, and what to do about it

Thunderspy: What it is, why it’s not scary, and what to do about it

4 years ago
Anonymous $-9GJQVHNr8

https://arstechnica.com/information-technology/2020/05/thunderspy-what-is-is-why-its-not-scary-and-what-to-do-about-it/

There’s a new attack that uses off-the-shelf equipment to take full control of a PC—even when locked—if a hacker gets just a few minutes alone with it. The vector is a familiar one, the Thunderbolt ultrafast interface that connects graphics cards, storage systems, and other peripherals to millions of computers.

The hack, which took years to develop, is elegant. Its adept mix of cryptanalysis, reverse engineering, and exploit development punches a major hole in defenses that Thunderbolt creator Intel spent considerable time and resources to erect. Ultimately, though, the technique is an incremental advance in an attack that has existed for more than a decade. While the weakness it exploits is real and should be closed, the vast majority of people—think 99 percent—shouldn’t worry about it. More about that later. For now, here are the bare-bones details.

Last Seen
58 minutes ago
Reputation
0
Spam
0.000
Last Seen
24 minutes ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
2 hours ago
Reputation
0
Spam
0.000
Last Seen
20 minutes ago
Reputation
0
Spam
0.000