• Likes
  • Followers

Trending

  • The Role of SEO Resellers
  • AMD introduces three new Ryzen 7000 CPUs with lower power consumption
  • Alienware introduces ips monitor with 500Hz panel
  • Alienware gaming laptops get RTX 40 cards, Intel 13th CPUs and rgb touchpad
  • Tesla delivered record number of cars in 2022, but fails to meet growth targets
  • Samsung shows ultrawide monitor with 7680×2160 pixels and 49″ OLED monitor
  • Xiaomi announces budget phone with 50-megapixel camera and 5000mAh battery
  • Hisense releases smartphone with 6.1″ screen from E Ink
  • Google settles for $ 30 million in the US for misleading with location settings
  • Rumor: Redfall from Dishonored creator Arkane will be released in early May 2023

TechWarrant.Com TechWarrant.Com - Best Technology Stuff from Around the World

  • Home
  • Apps
  • Games
  • Informative
  • Internet
    • Extensions & Addns
    • Web Site
  • Gadgets
  • News
  • Review
  • Vehicles & Robots
  • Top Lists
  • Tips & Tutorial
  • Misc.
  • Contact
TechWarrant
  • Home
  • News
  • Eindhoven researcher cracks Thunderbolt 3 security
News

Eindhoven researcher cracks Thunderbolt 3 security

By admin On May 11, 2020

A researcher from Eindhoven University of Technology has presented Thunderspy, a series of vulnerabilities that breach the security of Thunderbolt 1, 2 and 3. Abuse does require physical access and opening systems.

According to Björn Ruytenberg, Computer Science and Engineering student at TU/e, all Thunderbolt-enabled systems delivered between 2011 and 2020 are vulnerable to Thunderspy. The vulnerabilities may also have consequences for Thunderbolt 4 and USB 4, which are based on Thunderbolt 3. According to Ruytenberg, fixing the vulnerabilities via software updates is not possible and hardware adjustments are required. The vulnerabilities mainly affect Windows and Linux; the impact on macOS is limited. The researcher has released the free open source tool Spycheck for Windows and Linux, which allows users to determine whether their system is vulnerable.

Thunderspy cracks the so-called Security Levels that Intel introduced with Thunderbolt 2 to remedy previous weaknesses in the technology. Security Levels provides cryptographic authentication of trusted Thunderbolt devices to prevent spoofing. Thunderspy covers seven Thunderbolt-related vulnerabilities, including issues related to firmware and device authentication, and the lack of Thunderbolt security when using Boot Camp to run Windows on a Mac. Ruytenberg describes a few scenarios with proof-of-concepts to be able to exploit the vulnerabilities in practice.

Thunderspy allows attackers to create arbitrary “identities” for Thunderbolt devices and clone devices that users have already approved. In addition, the researcher has developed a Thunderbolt Controller Firmware Patcher, which can be used to disable Thunderbolt security without requiring access to the bios or operating system. Finally, there is the SPIblock tool to prevent future firmware updates and make the Thunderbolt protection disablement permanent.

To successfully exploit the vulnerabilities, physical access to the vulnerable systems is required. This scenario is known as evil maid attack, where for example a laptop left in a hotel room can be taken care of by an attacker. The attacker would need to hack into a system to obtain the firmware image of the spi flash memory of a Thunderbolt host controller. A system can remain in sleep mode and there is no need to bypass login.

Systems with Kernel DMA Protection enabled are partially protected against Thunderspy. In practice, these are some systems that have been delivered from 2019. Ruytenberg lists the 2019 and later HP EliteBook and ZBook, the 2019 and later Lenovo ThinkPad P53, 2019 and later X1 Carbon, and the Lenovo Yoga C940 with Intel Ice Lake processors. Users who want to prevent their system from being susceptible to Thunderspy are advised to disable Thunderbolt in the BIOS. In any case, the researcher advises not to leave systems unattended in sleep mode and only connect trusted Thunderbolt accessories. When shutting down the system or in hibernation, the tools he developed cannot be used.

Ruytenberg informed Intel of the various vulnerabilities in February and March. After this, the chip manufacturer would only have informed a limited number of partners. The researcher details his findings in a paper titled Breaking Thunderbolt Protocol Security: Vulnerability Report. He will present more details at the Black Hat conference later this year. His research builds on the Thunderclap attack, which was revealed a year ago.

Prev Post

Rumor: Diablo II remaster coming this year

Next Post

Qualcomm presents Snapdragon 768G

Recent Posts
  • The Role of SEO Resellers
  • AMD introduces three new Ryzen 7000 CPUs with lower power consumption
  • Alienware introduces ips monitor with 500Hz panel
  • Alienware gaming laptops get RTX 40 cards, Intel 13th CPUs and rgb touchpad
  • Tesla delivered record number of cars in 2022, but fails to meet growth targets
  • Samsung shows ultrawide monitor with 7680×2160 pixels and 49″ OLED monitor
  • Xiaomi announces budget phone with 50-megapixel camera and 5000mAh battery
  • Hisense releases smartphone with 6.1″ screen from E Ink
  • Google settles for $ 30 million in the US for misleading with location settings
  • Rumor: Redfall from Dishonored creator Arkane will be released in early May 2023
© 2023 - TechWarrant. All Rights Reserved.
Sign in

Welcome, Login to your account.

Forget password?
Sign in

Recover your password.

A password will be e-mailed to you.