All about Security, News, Events and Incidents

Discussion in 'Security and Anti-Virus Software' started by Dr. AMK, Apr 26, 2018.

  1. Mr. Fox

    Mr. Fox BGA Filth-Hating Elitist

    Security in this case referring to their financial position being such that they get to sell more trash. Need more RAM? No problem... buy another turdbook with more RAM. There is something for everyone. Kool-Aid is available in 6 exciting flavors.
    Ashtrix, jclausius and Papusan like this.
  2. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Unfixable Flaw Found in Thunderbolt Port that Unlocks any PC in Less Than 5 Minutes | April 11, 2020

    Before we get started, we should first let you know that while this security exploit is serious, it requires actual physical access to a device to execute. However, with that access comes unprecedented control over a device, once connected to a free Thunderbolt port. In fact, a hacker could theoretically access all data on a computer in under 5 minutes. On top of that, this data can be accessed even if the PC is locked, password protected, and has SSD/HDD encryption turned on... yikes.

    A Dutch researcher from the Eindhoven University of Technology has found a new vulnerability in the Thunderbolt port that allows attackers with physical access to unlock any PC running Windows or a Linux kernel-based OS in less than 5 minutes. The university researcher, Björn Ruytenberg, found a method, which he calls Thunderspy, that can bypass the login screen of any PC. This attack requires physical access to the device, which is, of course, dangerous on its own if left with a person of knowledge. Thunderbolt is a fast protocol, and part of the reason why it is so fast is that it partially allows direct access to computer memory. And anything that can access memory directly is a potential vulnerability.

    The Thunderspy attack relies on just that. There is a feature built into the Thunderbolt firmware called "Security Level", which disallows access to untrusted devices or even turns off the Thunderbolt port altogether. This feature would make the port a simple USB or display output. However, the researcher has found a way to alter the firmware setting of the Thunderbolt control chip so that it allows any device to access the PC. This procedure is done without any trace, and the OS cannot detect that there was a change. From there, the magic happens. Using an SPI (Serial Peripheral Interface) programmer with a SOP8 clip that connects the pins of the programmer device to the controller, the attacker just runs a script from there. This procedure requires around $400 worth of hardware. Intel already put in place some protection for the Thunderbolt port last year, called Kernel Direct Memory Access Protection, but that feature isn't implemented on PCs manufactured before 2019. And even starting from 2019, not all PC manufacturers implement the feature, so there is a wide group of devices vulnerable to this unfixable attack.

    Thunderspy Thunderbolt Security Exploit Can Steal Your Data In Minutes, Millions Of PCs Vulnerable | Today

    Ruytenberg claims that Kernel DMA Protection doesn't provide full mitigation from attacks, and it cannot be fully patched with software. Also, he didn't find any Dell systems with full Kernel DMA Protection support, and only a handful of Lenovo and HP systems built in 2019 or later were found to be protected.

    The only way to fully prevent Thunderspy attacks is to disable your Thunderbolt ports from within BIOS according to the researcher. However, to see if your current Thunderbolt-equipped system is affected, you can use Ruytenberg's Spycheck utility for Windows or Linux.

    As I have stated before... No computer is or will be 100% secure. It's in their nature. Bashing Intel processors for their recently discovered vulnerability issues etc. and jumping over to the Red side won't change these facts.

    Update 5/11/2020 3:13 PM ET: Intel has confirmed that the attack doesn’t work on computers that do have Kernel DMA protection enabled. “This attack could not be successfully demonstrated on systems with Kernel DMA protection enabled. As always, we encourage everyone to follow good security practices, including preventing unauthorized physical access to computers,” a spokesperson told Engadget in a statement. In addition, Intel has released a blog post giving its own perspective on the issue.
    Last edited: May 11, 2020
    jclausius likes this.
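
Added example (not part of the thread, and not Ruytenberg's Spycheck): a Linux-side check of the two settings the post above discusses, the Thunderbolt Security Level and IOMMU-backed Kernel DMA Protection, as the kernel's thunderbolt driver exposes them in sysfs (`security` and `iommu_dma_protection` under each domain). The `TB_SYSFS` override and the classification labels are introduced here for illustration.

```shell
#!/bin/sh
# Added example: report Thunderbolt DMA exposure on Linux from sysfs.
# TB_SYSFS is an override introduced here so the check can run on a constructed tree.
TB_SYSFS="${TB_SYSFS:-/sys/bus/thunderbolt/devices}"

# read_attr FILE -> contents of FILE, or "unknown" if it cannot be read
read_attr() {
    if [ -r "$1" ]; then cat "$1"; else echo "unknown"; fi
}

# classify_domain DIR -> kernel-dma-protection | security-level-only |
#                        no-protection | unknown   (labels are this example's own)
classify_domain() {
    level=$(read_attr "$1/security")
    iommu=$(read_attr "$1/iommu_dma_protection")
    if [ "$iommu" = "1" ]; then
        echo "kernel-dma-protection"        # IOMMU DMA remapping is active
        return 0
    fi
    case "$level" in
        none) echo "no-protection" ;;       # devices are connected automatically
        user|secure|dponly|usbonly|nopcie)
              echo "security-level-only" ;; # relies on the firmware setting alone
        *)    echo "unknown" ;;
    esac
}

# report -> one line per Thunderbolt domain found under TB_SYSFS
report() {
    found=0
    for d in "$TB_SYSFS"/domain*; do
        [ -d "$d" ] || continue
        found=1
        echo "$(basename "$d"): $(classify_domain "$d") (security=$(read_attr "$d/security"))"
    done
    if [ "$found" -eq 0 ]; then echo "no Thunderbolt domains found"; fi
    return 0
}

report
```

A `security-level-only` result means the host depends on the firmware Security Level that the quoted article says can be altered, so the BIOS option to disable Thunderbolt is the remaining control on such systems.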
  3. jclausius

    jclausius Notebook Virtuoso

    "Bluetooth flaw allows impersonation of trusted devices"

    - A flaw in a Bluetooth protocol is leaving millions of devices vulnerable to attacks, according to a study released by a Swiss research institute.

    - The vulnerability, called Bluetooth Impersonation AttackS (BIAS), allows an intrusion by an attacker posing as a previously trusted Bluetooth device.

    - More than 28 Bluetooth chips on nearly three dozen devices were found to be vulnerable. They include chips by Apple, Cypress, Qualcomm, Intel, Samsung and CSR.

    - The Bluetooth Special Interest Group (SIG) that oversees Bluetooth protocols says it will be updating the Bluetooth Core Specification covering mutual authentication rules and tightening security protocols.

    First Thunderbolt, now Bluetooth. Device connectivity comes with its set of issues.
    Papusan likes this.
