Thunderbolt flaws affect millions of computers – even locking unattended devices won’t help
On Sunday, Dutch security researcher Björn Ruytenberg released a report detailing nine attack scenarios that can occur against all computers with Thunderbolt distributed since 2011. Some of the attacks give an attacker the ability to quickly steal data from encrypted drives and memory with physical access. Ruytenberg warned that, even when following best security practices, the attacks still work.
Microsoft expressed concern about the vulnerability of Thunderbolt 3 to Direct Memory Access (DMA) attacks, deciding to disclude the software from its Surface devices. However, all Apple mac Computers since 2011 contain Thunderbolt. The technology is vulnerable to this type of attack because Thunderbolt features a PCIe device that has DMA, leaving the tech open to an attack via a connected peripheral to access system memory.