Arlen Holder leaves out interesting detail (was Thunderspy:Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking (aka "evil maidattack")
On 2020-05-11 3:23 a.m., Arlen Holder wrote:
o *Thunderspy*
https://thunderspy.io/
o "evil maid attack"
https://youtu.be/7uvSZA1F9os
o *Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking*
https://www.wired.com/story/thunderspy-thunderbolt-evil-maid-hacking/
"The so-called Thunderspy attack takes less than five minutes to pull off
with physical access to a device, and it affects any PC manufactured
before 2019."
The "technique can bypass the login screen of a sleeping or locked
computer - and even its hard disk encryption - to gain full access
to the computer's data. And while his attack in many cases requires
opening a target laptop's case with a screwdriver, it leaves no trace
of intrusion and can be pulled off in just a few minutes."
"there's no easy software fix, only disabling the Thunderbolt port"
"Computers running Apple's MacOS are unaffected."
Now, I wonder why that would have been omitted?
:-)
|