Security Software

More information on Thunderbolt™ security research published by Eindhoven University

In February 2020, researchers from Eindhoven University of Technology reached out to Intel with a report on Thunderbolt™, which they refer to as “Thunderspy.”

In the report, they discussed issues related to invasive physical attacks on Thunderbolt™ hosts and devices. While the underlying vulnerability is not new, and was addressed in operating system releases last year, the researchers demonstrated new potential physical attack vectors using a customized peripheral device on systems that did not have these mitigations enabled..

In 2019, major operating systems (OSes) implemented Kernel Direct Memory Access (DMA) protection to mitigate against attacks such as these. This includes Windows* (Windows 10 1803 RS4 and later), Linux* (kernel 5.x and later), and MacOS* (MacOS 10.12.4 and later). The researchers did not demonstrate successful DMA attacks against systems with these mitigations enabled. Check with your system manufacturer to determine if your system has these mitigations incorporated. For all systems, we recommend following standard security practices, including the use of only trusted peripherals and preventing unauthorized physical access to computers.

For additional resources, refer to the Microsoft* article on Thunderbolt Security in Windows 10 and the corresponding article from Intel in 2019.

As part of our Security-First pledge, Intel will continue to improve the security of Thunderbolt technology, and we thank the researchers from Eindhoven University for reporting this to us.

*This article was originally posted on Technology@Intel.


Was this article helpful?YesNo
0% of users found this helpful

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. Performance varies depending on system configuration. Check with your system manufacturer or retailer or learn more at www.intel.com.

All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps.

Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors.

Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more complete information visit www.intel.com/benchmarks.

Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available​ updates.

The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request.

Intel provides these materials as-is, with no express or implied warranties.

No product or component can be absolutely secure.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.

*Other names and brands may be claimed as the property of others.

Copyright Intel Corporation 2020.