1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Thunderbolt vulnerability exposed by University researchers

Discussion in 'Article Discussion' started by bit-tech, 12 May 2020.

  1. bit-tech

    bit-tech Supreme Overlord Staff Administrator

    Joined:
    12 Mar 2001
    Posts:
    2,906
    Likes Received:
    74
    Read more
     
  2. Dr. Coin

    Dr. Coin Active Member

    Joined:
    13 Sep 2013
    Posts:
    921
    Likes Received:
    187
    Personal computers and laptops are probably safe but I see this exploit being a concern for companies and institutions that have older computers and leave computers unattended for a long duration.
     
  3. Anfield

    Anfield Well-Known Member

    Joined:
    15 Jan 2010
    Posts:
    5,617
    Likes Received:
    521
    What are the odds of gaining physical access to an unattended PC that has Thunderbolt?

    Probably more likely to win the lottery:p
     
  4. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,755
    Likes Received:
    477
    If I were so inclined, I could walk around the office and pwn a few hundred to a thousand or so devices (depending on time available), and the same is likely true of many offices. Anyone who leaves their laptop in a hotel room unattended - or doesn't take it with therm to the bathroom when they go to shower - can be pwned (commonly known as an 'evil maid' attack). In the current climate of drop-shipping laptops to now-suddenly-remote users anyone in the postal/courier system could perform this attack on device sin transit. Somebody who swaps out or seeds malicious Type C chargers could perform this attack, etc.
     
  5. Anfield

    Anfield Well-Known Member

    Joined:
    15 Jan 2010
    Posts:
    5,617
    Likes Received:
    521
    You completely missed the joke about Thunderbolt being bloody rare in PCs...

    (not like it matters, because if you have physical access to a PC then the number of attack vectors is near infinite anyway)
     
  6. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,755
    Likes Received:
    477
    Not in the corporate/enterprise world it isn't. There has been a big push to adopt it because a) the docks are universal and not proprietary and b) they're not complete $#!£ like DispalyLink over USB docks are. Plus devices are refreshed on rolling 3-year cycles so most end up having Thunderbolt anyway.
    May be tempered now that the 'hotdesks for everyone!' hype train has thoroughly derailed and smacked into the bridge of 'no shared devices due to contact biohazard'.
     
Tags: Add Tags

Share This Page