The Thunderbolt connection was developed for the purpose of provide maximum transmission speed through optical technology. Unfortunately, it has been revealed that there is a new attack on computers including that, as certain security breaches at Thunderbolt's ports jeopardize protected and important user data, but rest assured this is not so dangerous for Mac.
Thunderspy
This new attack was made physically and has been called Thunderspy. The case investigator In Björn Ruytenberg from the University of Eindhoven has created a site dedicated to this topic and that inform the whole community of the details of the problem.
In this site you explain that less than 5 minutes is enough to violate computer security. What the thief does is to remove the background device, connect a set of computer breakdowns, replace the firmware and replace the board.
Dangerous
Attack it leaves no trace because the device is believed to be the same user receiving the session; skipping the lock screen and allowing full access to all the information stored on the computer.
This is Thunderspy's risk so far, all of which have been confirmed by Intel:
- Unsupervised firmware validation
- Weakness in device authentication
- Unauthorized use of metadata
- Attack reduced using backlash
- Use of unauthorized controller configuration
- SPI flash interface defects
- There is no safety for Thunderbolt at Boot Camp
Right now this security feature is very important on computers with Thunderbolt and Windows or Linux system sold between 2011 and 2020. Apple users should be concerned about the recent statement that the Mail had security breaches, which the same company has already responded to, opposing plans that say Apple should fight against this potential e-mail sensation.
Those with a Mac are not in serious danger of being attacked by Thunderspy, because even though their computers have Thunderbolt ports is the only Mac after 2011 and allows Windows to run Boot Camp.
Given this problem, the Thunderspy site offers some security measures and a software that allows you to pinpoint if your computer can be hacked.
