Content deleted Content added
m →Impact: adj |
adds/adjs |
||
Line 18:
== Impact ==
The security vulnerability may affect millions of Apple, Linux and Windows computers, as well as any computers manufactured before 2019, and some after that.<ref name="WRD-20200510" /><ref name="FRBS-20200511" /><ref name="TSY-2020" /> However, this impact is restricted mainly due to how precise a bad actor would have to be to execute the attack. Physical access to a machine with a vulnerable Thunderbolt controller is necessary, as well as a writable ROM chip for the Thunderbolt controller's firmware.<ref name="TSY-2020" /> Since ROM chips can come in a BGA format, this isn't always possible. Additionally, part of Thunderspy, specifically the portion involving re-writing of the firmware of the controller, requires the device to be in sleep<ref name="TSY-2020" />, or at least in some sort of powered-on state, to be effective.{{cn}} As some business machines feature intrusion detection features that cause the machine to power down the moment the back cover is removed, this attack is almost impossible on secured systems.{{cn}}
Due to the nature of attacks that require extended, physical access to hardware, it's unlikely the attack will affect users outside of a business or government environment.<ref>https://www.youtube.com/watch?v=c9Z3hQh0NxY</ref>
== Mitigation ==
The researchers claim there is no easy software solution, and may only be mitigated by disabling the Thunderbolt port altogether.<ref name="WRD-20200510" /> However, the impacts of this attack (reading kernel level memory without the machine needing to be powered off) are largely mitigated by anti-intrusion features provided by many business machines. Enabling such features would restrict this attacks effectiveness
== References ==
| |||