On 2020-05-11 3:23 a.m., Arlen Holder wrote:
o *Thunderspy*
https://thunderspy.io/

o "evil maid attack"
https://youtu.be/7uvSZA1F9os

o *Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking*
https://www.wired.com/story/thunderspy-thunderbolt-evil-maid-hacking/
"The so-called Thunderspy attack takes less than five minutes to pull off
with physical access to a device, and it affects any PC manufactured
before 2019."

The "technique can bypass the login screen of a sleeping or locked
computer - and even its hard disk encryption - to gain full access
to the computer's data. And while his attack in many cases requires
opening a target laptop's case with a screwdriver, it leaves no trace
of intrusion and can be pulled off in just a few minutes."

"there's no easy software fix, only disabling the Thunderbolt port"


"Computers running Apple's MacOS are unaffected."

Now, I wonder why that would have been omitted?


:-)