Photo by Thunderclap Team
A team of researchers has unearthed a group of security vulnerabilities that they’ve dubbed Thunderclap because the most common way of exploiting them is through Thunderbolt (PCs are also vulnerable through PCI Express devices). Thunderclap vulnerabilities take advantage of direct memory access—essential for maximum performance—between usually internal peripherals like graphics processors and network cards. However, technologies like Thunderbolt allow peripherals that are granted direct memory access to be hot-plugged at any time, enabling attacks on temporarily unattended computers. Plus, Thunderbolt’s use in charging means that attackers could create malicious public charging stations.
Unfortunately, Thunderclap affects basically all operating systems—the researchers call out macOS, Windows, Linux, and FreeBSD—and all Macs released since 2011 other than the 12-inch MacBook, which has only USB-C. The researchers disclosed Thunderclap to vendors in 2016 and have worked with them since. Apple, Intel, and Microsoft have all responded to some extent—Apple addressed a specific network card vulnerability in macOS 10.12.4 Sierra and later, but the Thunderclap researchers say other vulnerabilities remain unaddressed.
The likelihood of everyday users being targeted by an attacker using Thunderclap seems very low at the moment. The best defense, for now, is to be careful about what you plug into your computer, and if you’re a high-value target for some reason, to avoid leaving your computer unattended.
- Understanding How Apple Security Research Devices Likely Work and Stay Secure
- The Case of the Top Secret iPod
- Juggle Video Meetings More Easily with Meeter and Fantastical
- iOS 13.7 Integrates Apple’s COVID-19 Exposure Notifications
- How to Build the Best Environment and Technology for School at Home
- How iOS and macOS Dictation Can Learn from Voice Control’s Dictation
- New Members