"Thunderspy, a series of attacks that break all primary security claims for Thunderbolt 1, 2, and 3. So far, our research has found the following vulnerabilities:
- Inadequate firmware verification schemes
- Weak device authentication scheme
- Use of unauthenticated device metadata
- Downgrade attack using backwards compatibility
- Use of unauthenticated controller configurations
- SPI flash interface deficiencies
- No Thunderbolt security on Boot Camp"
No comments:
Post a Comment
Please add your voice to the conversation