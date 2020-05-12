New research published by Bjorn Ruytenberg of the University of Eindhoven has unveiled one series of security holes in the Thunderbolt standard, which would allow hackers to gain access to the machines. This is a not insignificant problem as the standard is present on Windows, Linux and macOS PCs.

In the long report, published by Wired’s colleagues, we read that they would be interested all versions of doors designed between 2011 and 2020. The problems would not be resolvable through a software update, which means that Intel may be forced to make engineering changes.

As we show in the movie present at the opening, the bug allows you to gain access to a Windows PC in just five minutes. The question everyone is asking though is: how do I know if my PC is affected?

Ruytenberg and his team have published the Thunderspy website, which allows you to scan to find out if you are vulnerable. Once connected to the page, you need to download Spycheck for your operating system, extract the zip file, open the tool, select the language and accept the GPLv3 license. At this point the program will do it itself and detect the Thunderbolt controller. As noted in the notes, it may be necessary to install some custom drivers or activate the energy saving mode to complete the procedure.

A scan finished Thunderspy will provide a report that it will let you know if your PC is vulnerable or not.

Currently the only way to protect yourself is by not using unknown Thunderbolt devices. It is also not recommended to leave the PC unattended in public places since the leak can be exploited within a few minutes.

Interestingly, the vulnerabilities were revealed just a few days after Microsoft explained why the Surface does not use Thunderbolt ports.

Intel said in response to the report: “the attack has not been successfully demonstrated on systems with Kernel DMA protection enabled. As always, we encourage everyone to follow good security practices, including avoiding physical access to computers. “ The company also wanted to point out that physical access to the computer is required to complete the attack, and that the attacker must have specific hardware.