Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Bug Security

Thunderbolt Bug Lets Hackers Steal Your Data in 'Five Minutes' (thenextweb.com) 92

A new set of flaws discovered in the Intel Thunderbolt port has put millions of machines at risk of local hacking. This new research by Eindhoven University's Bjorn Ruytenberg suggests that if a hacker gains access to a machine for just five minutes, they could bypass login methods to gain full data access. From a report: Thunderbolt ports are present in machines with Windows, Linux, and macOS. So, that covers a lot of computers. Ruytenberg said all Thunderbolt versions and systems shipped between 2011 to 2020 are affected and no software patch can fix these vulnerabilities. So, Intel would need to redesign silicon in order to fix these flaws. There's not much you can do here. However, with open-source software called Thunderspy, developed by Ruytenberg and their team, you can check if you're affected by the Thunderbolt bug.
This discussion has been archived. No new comments can be posted.

Thunderbolt Bug Lets Hackers Steal Your Data in 'Five Minutes'

Comments Filter:
  • by wiredog ( 43288 ) on Monday May 11, 2020 @09:58AM (#60047806) Journal

    It's not a remote exploit.

    • Previously I would have said that that once an attacker has physical access that it's game over. That's still mostly true for me, but only if the machine is powered on.

    • Every office I ever went to, had all the ports exposed at the backside of the PC on/under the table I sat at.

      And ever, doctor first let me sit in that room, alone, for quite some time, between me being brought in from the waiting room, and him entered.

      During Windows 98 SP2 times, it was as trivial to infect their network, as sticking in a USB drive with a autorun.inf on it, or whatever it was called, waiting three seconds, and pulling it back out.

    • So, a glob of glue in the Thunderbolt port (if you don't use it), counts as a patch?

    • by goombah99 ( 560566 ) on Monday May 11, 2020 @11:01AM (#60048088)

      You have to physically open the computer up and reflash the thunderbolt controller. Given that I wonder why they say it can bypass disk encryption

      • Presumably, because you can do it while the computer is asleep, when encryption keys are already loaded.
        But this whole thing is pretty weak sauce.

        The only "issues" I see here are that:
        A) Windows will configure the IOMMU to match the SL of the thunderbolt controller (meaning if SL is 0, IOMMU is wide open)
        B) There doesn't appear to be signature verification on the thunderbolt firmware... which is hardly unusual for embedded controllers in PCs.
      • It's a longstanding issue with Thunderbolt's DMA. Basically, any thunderbolt device can read any memory location, even one containing encryption keys, whether or not you want it to. It's really, really, really, really insecure.
        • by tzanger ( 1575 )

          I thought this was well and truly taken care of with the IOMMU, have they still left it completely open?

    • by AmiMoJo ( 196126 ) on Monday May 11, 2020 @11:14AM (#60048178) Homepage Journal

      Physical security is important. Evil maid attacks at hotels, servers in datacentre racks. Crossing a border. It's one reason why we use encrypted drives and why AMD supports encrypted RAM.

      Back in the Firefire days the attacker would turn up with a device that let them not only access the hard drive but capture the entire RAM of a running machine. Thunderbolt was initially just as vulnerable but Intel introduced IOMMU to mitigate the attack, and it looks like they failed.

      • Thunderbolt was initially just as vulnerable but Intel introduced IOMMU to mitigate the attack, and it looks like they failed.

        IOMMU is programmed by the operating system.
        The default behavior of the drivers is to program the IOMMU to allow what it should allow, in the case of an SL0 thunderbolt controller- that's everything, and correctly so.

        Now, should the drivers be a bit more fucking paranoid about weird things like thunderbolt controllers in SL0? Probably so.

    • Well, yea, the first paragraph of the article is about that it's a local hack that requires physical access.

      I guess you could turn it into a remote exploit with the help of telekinesis.

    • by gweihir ( 88907 )

      It's not a remote exploit.

      Indeed. It is a local attack and it needs the attacker to open the computer and attach a connector to the Thunderbolt firmware FLASH chip. An attacker that can do that can in a similar fashion re-flash the main BIOS and completely compromise the system on next boot.

    • I think physical access = exploited just as much as anyone else (because you can cold boot, steal the storage, etc.) But all of those take minutes, while just popping something in and out of thunderbolt takes seconds. (And with the high speed bus there, I'm sure this exploit is VERY fast.) I don't know if this program can allow the device to simply copy all contents or write contents into the computer, but if it allows writing, you'd only need to be connected long enough to put some kind of root kit that fu
    • Not only does it require physical access, it requires tools computers and lots of stuff you aren't hauling with you to attack a laptop. This isn't a plug in a malicious thunderbolt dongle and it magically unlocks like some sort of spy movie. It requires taking apart the laptop, which if you have this much control, you have control of the system with numerous methods.
    • by Anonymous Coward

      Yeah, and five minutes is a long time. Pretty sure the previous one just took a few seconds, and was never really fixed either ;)

  • by Proudrooster ( 580120 ) on Monday May 11, 2020 @10:08AM (#60047842) Homepage

    Could this be made into a tool and used for Mac Data recovery for independent repair shops? :)

    • Recent Macs have the T2 chip that encrypts data on the internal built-in drive, so I don't think it would work for most people who need to recover data.

  • if you replace your back plate screws with something more proprietary than a phillips head screw. Or maybe a plate alarm which would go off if someone tried to open up your computer.

    Maybe someone could kickstart a back plate lock set that covers the screws.

    If I was at a coffee shop and went to the bathroom, and someone took apart my laptop, and plugged things into it, I would hope someone would notice.

    • by Thrakkerzog ( 7580 ) on Monday May 11, 2020 @10:12AM (#60047864)

      If you're not planning on using the port it could be filled with epoxy.

      • by Junta ( 36770 ) on Monday May 11, 2020 @10:29AM (#60047928)

        Of course, on some laptops the only charging ports are thunderbolt ports. So you have to leave the port available or your laptop won't be able to recharge.

      • The attacker already has to access the board to flash the thunderbolt chip. At that point you could just as well use the back pins of the thunderbolt connector. It would slow an attacker down but not defeat the attack.
      • by gweihir ( 88907 )

        If you're not planning on using the port it could be filled with epoxy.

        It is not about the external port. This attack needs the attacker to open the computer.

      • by clovis ( 4684 )

        If you're not planning on using the port it could be filled with epoxy.

        if I needed the port, I would put a glob of epoxy on the Thunderbolt chip pins on both side of the board.

    • by iggymanz ( 596061 ) on Monday May 11, 2020 @10:19AM (#60047896)

      if you go to the bathroom and leave your laptop in a coffee shop, you're a naive dumb-ass and shouldn't be surprised if someone runs out the front door with it.

      • Maybe try moving to a place where people aren't all criminals. There are plenty of places like this, though admittedly they are not areas heavily laden with coffee shops.

        • Say, uhm... where do you live? And I was thirsty for a nice cup o' joe! Any good coffee shops in your area... where do you go?
        • by dfghjk ( 711126 )

          Wow, talking about completely missing the point. You don't avoid high crime areas so that you can be careless.

        • I'd like to hear about these magical places with low crime and coffee shops. Of course I'm then going to tell you the actual crime rate and burst your bubble....

          • I do this in my local pub. You have to turn up early to get a table* for the pub quiz so I go straight after work, eat a sandwich I bought in the supermarket**, buy a drink and do a bit more work.
            I've never even asked someone else to keep an eye on it. It's one of the few places I'd do it though, but they definitely do exist.

            * It's very small and the quiz is very popular.
            ** They don't serve food so they're happy for people to turn up with their own food, takeaway, etc.

        • The UAE is awash with coffee shops. People regularly leave their laptops and phones on the tables when they wander off to the loo or prayer hall - or to buy another coffee.
        • Maybe try moving to a place where people aren't all criminals. There are plenty of places like this, though admittedly they are not areas heavily laden with coffee shops.

          In many places you would be statistically fine leaving your laptop unattended for a few minutes. You would still be very foolish to do so.

      • by bodog ( 231448 )

        Or a suspicious / malicious life partner / work colleague ?

      • by AmiMoJo ( 196126 )

        Try getting sales execs to practice proper security with their laptops, like not leaving them in the hotel room while they go out on a bender with the client.

    • by EvilSS ( 557649 )

      if you replace your back plate screws with something more proprietary than a phillips head screw.

      Wait, are you one of the engineers still putting "security screws" in products, oblivious to the fact that you can get the security bits from Amazon, Ebay, Harbor Freight, the local flea market, etc for next to nothing? They are more of an annoyance than anything else and someone going to the trouble of trying this exploit out in the wild is probably carry a kit with them just in case. Hell, the screwdriver used in the demo is part of a kit you can get on Amazon for about $18 and comes with just about ever

  • Now who's the idiot with the attackable PC?

    So long, suckers!

  • Only five minutes? Must not be using Charter
  • The security concept of "physical access is full access" is not new. This should not be a surprise to anyone who remembers/realizes that the Thunderbolt port can basically expose the computer's internal bus outside of the case. From the article: Being PCIe-based, Thunderbolt devices possess Direct Memory Access (DMA)-enabled I/O. You have the same risks with docking station connectors found on many laptops - for that matter the Thunderbolt connector *is* a docking station connector.
    • Na.
      In SL1+, IOMMU is programmed to be restrictive. Bus is useless for attacking.
      This "bug/exploit" involves patching the firmware of the Thunderbolt controller by opening up the laptop so that it reports itself as an SL0 device, which the drivers then open the IOMMU up for (since that's basically what an SL0 device is for)
  • by SuperKendall ( 25149 ) on Monday May 11, 2020 @10:43AM (#60047994)

    I was wondering why there was no Mac checker, reading the page as to why Apple has not fixed Thunderspy issues they say this:

    In our vulnerability disclosure procedure, Apple has stated the following:

    "Some of the hardware security features you outlined are only available when users run macOS. If users are concerned about any of the issues in your paper, we recommend that they use macOS."

    For the section on systems being affected, for MacOS they say:

    If you are running MacOS, your system is partially affected by Thunderspy. For recommendations on how to help protect your system, please refer to protections against Thunderspy.

    So for some reason when running OSX there are extra security measures in place, but it doesn't say what that means for the exploit. It seems like maybe the Mac encrypted drives cannot be bypassed as they say they can do for other systems?

    • by guruevi ( 827432 ) on Monday May 11, 2020 @10:54AM (#60048052)

      These issues have been known since FireWire had DMA as well. ThunderBolt is basically a PCIe bus, what you can do and what macOS does is enclave each of the devices using VT-d and IOMMU.

      Windows has something similar in later versions of Windows 10 with compatible hardware and drivers: https://docs.microsoft.com/en-... [microsoft.com]

      • by dfghjk ( 711126 )

        Yes, and I'd further note that ThunderBolt endpoints don't even need to be enabled when hot-plugged. Changes in configuration strategy, although they may be significant, could largely mitigate or even eliminate these threats.

        Also, as an interesting historical aside, I'll mention that Windows NT, which forms the basis for modern Windows, has had IOMMU support from day one. Why? Because NT grew out of DEC's effort to replace VMS which used IOMMU. This all existed before Macs even had preemptive multitaski

    • So you just have to reboot the machine with the hostile device plugged in to bypass the protections. Seems like a good design
    • by dfghjk ( 711126 )

      Oh look, SuperKendall finds something he can exploit to promote Apple products. What a surprise!

      So SuperKendall, did you find the answer to "why there was no Mac checker"? Did you notice that Apple did NOT say that it had "fixed" these issues?

      What makes you say that "it seems like maybe the Mac encrypted drives cannot be bypassed as they say they can do for other systems"? The same kind of evidence that makes you claim that humans naturally have a partial immunity to SARS-CoV-2? Wishful thinking? Tribal

    • by Junta ( 36770 )

      Basically the firmware setup for booting macOS enables a number of Thunderbolt mitigations, and for BootCamp, they just disable them all (is what I read in their paper). For a modern Windows laptop, they generally are enabled by default (because Windows does support them) but can be disabled (for example some older Windows or older Thunderbolt devices aren't compatible with the mitigations).

  • A bit overhyped... (Score:5, Insightful)

    by Junta ( 36770 ) on Monday May 11, 2020 @11:13AM (#60048164)

    Upon reading the paper, I think they have more hype than substance here. At least in terms of *newly* known things.

    The short of it is, they can defeat mechanisms intended to enable users/software to make informed decisions about whether to allow PCIe to a Thunderbolt device. They can mimic a 'trusted' Thunderbolt device (so the user would have already have had to assent to using a device and then they can swap in their spoof of the device to have an evil device with DMA access). They can also make a 'trusted' host controller run arbitrary firmware if they can rip out the flash chip from the motherboard and reprogram it.

    Once you have PCIe devices, you can do generically controversial PCIe things. The key is that Thunderbolt recognized that as controversial and made mechanisms to give user control over whether an external device gets to be a PCIe device. The novelty in this work is they can bypass those protections to get equivalent to internal PCIe device access. The problem is that the bypass portions requires you to get internal, at which point you could just attack some internal PCIe connection.

    They also point out that once a user trusts a Thunderbolt device, they can imitate that Thunderbolt device if they can swipe the device and mess with it, similar to them stealing a drive or PCIe device out of a system and then putting it back later modified.

    What they don't have is a scenario where an evil maid walks up with a magic dongle and downloads all the memory and/or disk contents within 5 minutes.

    • by Anonymous Coward

      A Thunderbolt port is just a giant hole plug-and-play internal expansion. Really neat for devices you keep in locked rooms, but kind of an issue in laptops.

  • Unless a bios lock is in place, every PC at risk if the attacker has physical access.
    • by gweihir ( 88907 )

      This bypasses that. If you access the SPI port of the FLASH chips that contain the BIOS, you can bypass a BIOS lock without even trying.

      • by dfghjk ( 711126 )

        As though that were easily done.

        • by gweihir ( 88907 )

          Flashing an SPI FLASH chip? If you have trouble doing that, you have no place in this discussion. There is no "BIOS lock" on the chip itself.

  • Literally dozens are affected.

  • by thereddaikon ( 5795246 ) on Monday May 11, 2020 @11:49AM (#60048432)

    This shouldn't be a surprise or revelation to anyone. It's a natural consequence of DMA. The whole point is to access system memory without having to go through the cpu and reduce overhead.

    This isn't a flaw in the system, its an explicit and intentional feature. DMA support allows Thunderbolt to act as external PCIe. Without it eGPU and other accessories wouldn't be possible.

    The "patch" is the same as for any where the attacker can physically access the machine, don't let them do it. If they can lay hands on the device you have already lost. that's rule #1 of security. If you can't guarantee physical security 100% of the time then you can mitigate the issue somewhat by disabling unused ports and using third party DLP software to intervene when unauthorized devices are connected and to alert you/IT.

    • by Junta ( 36770 )

      The crux of their paper does not seem to be that PCIe is possible, it is that they can bypass mechanisms intended to have the operator of the computer manage whether or not a particular device is allowed to be PCIe.

      If you plug in a PCIe attached GPU or NVMe or whatever, the subsystem causes user to be prompted "hey... there's this new device, is it cool to use it/allow it to do PCIe things" and the user should be able to say 'no', or even configure the device to never ever allow PCIe, but work fine for USB-

      • The crux of their paper does not seem to be that PCIe is possible, it is that they can bypass mechanisms intended to have the operator of the computer manage whether or not a particular device is allowed to be PCIe.

        Existing best practices is to assume that if the attacker has physical access then they have won. Yes you can mitigate that risk but the goal should be to prevent them from getting to the machine in the first place. Supposed authentication on external ports is not a replacement for this mindset.

        The crux of their paper does not seem to be that PCIe is possible, it is that they can bypass mechanisms intended to have the operator of the computer manage whether or not a particular device is allowed to be PCIe.

        On modern systems, PCIe is used as the primary interconnect between the various different components except for CPU to memory and CPU to Chipset. But your USB, SATA etc is ultimately running on PCIe, even if the soft

        • by Junta ( 36770 )

          "Disabling" PCIe on Thunderbolt is a misnomer as Thunderbolt is PCIe.

          Well, 'ThunderBolt' may be, but there are 3 different data protocols supported on the cable side:
          -PCIe
          -DisplayPort
          -USB

          So disabling PCIe over thunderbolt is really still allowing Displayport/USB over the connector. Of course at that point it is functionally 'just' USB-C so I suppose that is basically disabling Thunderbolt...

          The problem comes in that they decided 'Disable Thunderbolt' means disabling all the data over the ports. So you don't downgrade a Thunderbolt to a normal USB-C, you would downgrade a Thu

  • If you're on a Mac with a recent OS, you're protected, period. VT-d is enabled and will block ALL DMA attacks, including those from Thunderbolt.
    • by gweihir ( 88907 )

      Nope. If somebody manipulates your hardware, any system is vulnerable. Well, not a real HSM, because those brick themselves reliably when physically attacked.

  • So in one spot, this dude says "all Thunderbolt versions and systems shipped between 2011 to 2020 are affected and no software patch can fix these vulnerabilities".

    Then in another spot he says "If you are running MacOS, your system is partially affected by Thunderspy". How can it only be "partially" affected if all Thunderbolt versions and systems are affected and there's no software patch possible?

    Also Apple responded to him "Some of the hardware security features you outlined are only available when users

    • In his wording, "affected" includes "partially affected". Boot Camp "undoes this", because the Apple disables all security under BootCamp.

      No Thunderbolt security on Boot Camp. Apple supports running Windows on Mac systems using the Boot Camp utility [2]. When [doing so], Mac UEFI disables all Thunderbolt security by employing the Security Level “None” (SL0). As such, this vulnerability subjects the Mac system to trivial Thunderbolt-based DMA attacks.

      However, on MacOS itself: Regarding Thunde

  • There was a fun exploit you could run back in the day over FireWire where you ran a cable between your computer and the target, pretending to be an iPod. You could flip bits in memory on the remote system to make it think the password wasn't required for anything. It was a pretty nifty party trick.
  • If you can do that, you can also get to the SPI port of the system BIOS Flash and then you can write a new BIOS and can do anything. This is a completely ridiculous non-story, and serves only to make a media-splash.

  • Then they can just steal the machine and have physical access to it for as long as they need, in a location of their choice. This seems far more likely than some action-movie scenario where they rush in, mess with the computer, put it back together and leave undetected while you go to the bathroom.

  • How is this different from the warning Microsoft previously put out about Thunderbolt?

    https://www.theverge.com/2020/... [theverge.com]
  • I read through the paper... and there really is very little in the way of substance here. I think Intel is justified in not issuing CVEs for any of this. He starts with the assumption that DMA attacks are possible. For new designs that is not the case since the addition of IOMMU support in WIndows 10 1803/RS4. All the new Ice Lake laptops have IOMMU enabled for their Thunderbolt controllers, which eliminates the need for using ACLs for security. On new Ice Lake laptops you plug the Thunderbolt device in and

"I am, therefore I am." -- Akira

Working...