Patriotsop 8 chip flasher with clip is like $3 of hardware not $400

OneMoarin other news people that have physical access to your computer can steal your data

stimpy88Bloody hell Intel!

Patriotsop 8 chip flasher with clip is like $3 of hardware not $400, This is why microsoft said they didn't include thunderbolt on their devices, inherently insecure to have external pcie. Turns out relying on an external device to say it is secure doesn't work so well.

In this report, we disclose the following vulnerabilities:

1. Inadequate firmware verification schemes.
Thunderbolt host and device controllers operate using updatable firmware stored in its SPI flash. Using this feature, Thunderbolt hardware vendors occasionally provide firmware updates online to address product issues post-release. To ensure firmware authenticity, upon writing the image to the flash, Thunderbolt controllers verify the firmware’s embedded signature against Intel’s public key stored in silicon. However, we have found authenticity is not verified at boot time, upon connecting the device, or at any later point. During our experiments, using a SPI programmer, we have written arbitrary, unsigned firmware directly onto the SPI flash. Subsequently, we have been able to verify Thunderbolt controller operation using our modified firmware.

2. Weak device authentication scheme.
As noted in Section 1, device identification comprises several strings and numerical identifiers. However, we have found none of the identifiers are linked to the Thunderbolt PHY or one another, cryptographically or otherwise.

3. Use of unauthenticated device metadata.
Thunderbolt controllers store device metadata in a firmware section referred to as Device ROM (DROM). We have found that the DROM is not cryptographically verified. Following from the first issue, this vulnerability enables constructing forged Thunderbolt device identities. In addition, when combined with the second issue, forged identities may partially or fully comprise arbitrary data. Figure 2 demonstrates a device passing authentication while presenting a forged DROM to the host.

4. Backwards compatibility.
Thunderbolt 3 host controllers support Thunderbolt 2 device connectivity, irrespective of Security Levels. Such backwards compatibility subjects Thunderbolt 3-equipped systems to vulnerabilities introduced by Thunderbolt 2 hardware.

5. Use of unauthenticated controller configurations.
In UEFI, users may choose to employ a Security Level different to the default value (SL1) as listed in Section1. In storing Security Level state, we have determined that Thunderbolt employs two state machines, with one instance being present in UEFI, and another residing in host controller firmware. However, we have found firmware configuration authenticity is not verified at boot time, upon resuming from sleep, or at any later point. In addition, we have found these states machines may be subjected to desynchronization, with controller firmware overriding UEFI state without being reflected in the latter. As such, this vulnerability subjects the Thunderbolt host controller to unauthenticated, covert overriding of Security Levels configuration.

6. SPI flash interface deficiencies.
As noted before, Thunderbolt systems rely on SPI flash to store controller firmware (vulnerability 1) and maintain their Security Level state (vulnerability 5). In our study, we have found Thunderbolt controllers lack handling hardware error conditions when interacting with flash devices. Specifically, we have determined enabling flash write protection (i) prevents changing the Security Level configuration in UEFI, again without being reflected in the latter, and (ii) prevents controller firmware from being updated, without such failures being reflected in Thunderbolt firmware update applications. As such, when combined with the fifth issue, this vulnerability allows to covertly, and permanently, disable Thunderbolt security and block all future firmware updates.

7. No Thunderbolt security on Boot Camp.
Apple supports running Windows on Mac systems using the Boot Camp utility [2]. Aside from Windows, this utility may also be used to install Linux. When running either operating system, Mac UEFI disables all Thunderbolt security by employing the Security Level “None” (SL0). As such, this vulnerability subjects the Mac system to trivial Thunderbolt-based DMA attacks.

Caring1Apple.

theoneandonlymrkIs this going to transfer to usb4

https://thunderspy.io/USB 4 is based on Thunderbolt 3. Is this interface affected as well?
On September 3, 2019, USB-IF announced the final specification of USB 4. Among its key features is support for Thunderbolt-based signaling. While USB 4 controllers and peripherals have not yet become readily available, we would encourage users to exercise caution until such hardware has been unequivocally found to address all Thunderspy vulnerabilities.

Darmok N JaladWhat about Apple? The article doesn’t say anything about this working on a Mac, just Windows and Linux. Is macOS immune or just untested? Or maybe it’s just unclear.

MacOS employs (i) an Apple-curated whitelist in place of Security Levels, and (ii) IOMMU virtualization when hardware and driver support is available. Vulnerabilities 2–3 enable bypassing the first protection measure, and fully compromising authenticity of Thunderbolt device metadata in MacOS “System Information”. However, the second protection measure remains functioning and hence prevents any further impact on victim system security via DMA. The system becomes vulnerable to attacks similar to BadUSB. Therefore, MacOS is partially affected.

Darmok N JaladWhat about Apple? The article doesn’t say anything about this working on a Mac, just Windows and Linux. Is macOS immune or just untested? Or maybe it’s just unclear.

ValantarIf the procedure requires disassembly of the laptop to access and reprogram a chip, the question of external PCIe is rather moot, no? Disassembling the laptop would give access to any m.2 ports, WiFi ports, etc, so getting access to PCIe that way really isn't difficult.

OneMoarso it requires extended physical access to the machine as well as removing the cases access panel to execute

slow news day eh ?

in other news people that have physical access to your computer can steal your data

article title is blately misleading its not 5 minutes try more like 15 minutes to get all the hardware setup probably closer to 20 if you need be fiddling with your hardware probe to get a solid connection anybody thats ever used these SOIC clips knows they are pain in the ass and depending on the board and the bios chip style you may not even have access

btw I can bypass the windows login screen by booting the pc from the windows setup disk and renaming a file witch btw requires no hardware mods no special software and in reality probably about 5 minutes


can we stop with the fear mongering please holy fuck its so easy to make the uneducated whip them selves into a panic

PatriotIt sounds like it was requiring access to the thunderbolt cable or external thunderbolt device not the host... I have used the clips, it's not that hard, and pretty sure all thunderbolt cable chips are the same.
I will read more about this... if it truly does require host access and cable access, you will have quicker luck with the pcie vulnerabilities themselves as it has no security ....

OneMoarso it requires extended physical access to the machine as well as removing the cases access panel to execute

slow news day eh ?

in other news people that have physical access to your computer can steal your data

article title is blately misleading its not 5 minutes try more like 15 minutes to get all the hardware setup probably closer to 20 if you need be fiddling with your hardware probe to get a solid connection anybody thats ever used these SOIC clips knows they are pain in the ass and depending on the board and the bios chip style you may not even have access

btw I can bypass the windows login screen by booting the pc from the windows setup disk and renaming a file witch btw requires no hardware mods no special software and in reality probably about 5 minutes


can we stop with the fear mongering please holy fuck its so easy to make the uneducated whip them selves into a panic

Darmok N JaladWhat about Apple? The article doesn’t say anything about this working on a Mac, just Windows and Linux. Is macOS immune or just untested? Or maybe it’s just unclear.

AleksandarKUsing an SPI (Serial Peripheral Interface) programmer with a SOP8 clip that connects the pins of the programmer device to the controller,

exodusprime1337When a laptop goes home most decent orgs provide full disk encryption but far fewer offer pre boot authentication such as a pin or pre-boot passcode. This means if a developers laptop was stolen from their car or home and was able to be booted to a desktop, the work of encryption could theoretically be bypassed giving an attacker full access to the files on your machine. Worse even if the developer has pre-boot auth, but simply put his machine to sleep and didn't shut it down.

exodusprime1337I don't think you're taking into account the utility of this attack against a corporation and the more and more laptops they give out. When a laptop goes home most decent orgs provide full disk encryption but far fewer offer pre boot authentication such as a pin or pre-boot passcode. This means if a developers laptop was stolen from their car or home and was able to be booted to a desktop, the work of encryption could theoretically be bypassed giving an attacker full access to the files on your machine. Worse even if the developer has pre-boot auth, but simply put his machine to sleep and didn't shut it down.

You clearly lack a good understanding regarding the usefulness of these attacks. There are many many companies that go to great lengths with disk encryption and account lockout policies and in many regards this is a relatively inexpensive way to bypass most of those protective layers.

Is it unlikely? Sure you need physical access. But this not only opens up threats to third parties whom gain physical access but more importantly the growing number of insider threats that pop up year over year. Someone's "stolen" laptop could be from someone in their very company with regular access to the machine or knowledge of that employees whereabouts. This isn't fear mongering, this is a security orgs nightmare. A breach point with little or no hope of ever fixing. Many orgs will most likely move disk encryption to pre-boot authentication, but that comes with a cost to the end user experience and could have major functionality concerns for items like kiosks and publicly accessible endpoints. Thunderbolt is just broken.

PatriotIt sounds like it was requiring access to the thunderbolt cable or external thunderbolt device not the host... I have used the clips, it's not that hard, and pretty sure all thunderbolt cable chips are the same.
I will read more about this... if it truly does require host access and cable access, you will have quicker luck with the pcie vulnerabilities themselves as it has no security ....



Thunderspy enables creating arbitrary Thunderbolt device identities and cloning user-authorized Thunderbolt devices, even in the presence of Security Levels pre-boot protection and cryptographic device authentication.

While the permanent disablement of security requires host disassembly and modification the other attack vectors do not. AKA, plug device into locked system and gain access. Universal key. Physical access is usually considered a moot point because it allows for removal of system and time constraints on attack vectors. However gaining network access through a locked system is a big deal, as it can be a supply chain attack or even a parkinglot attack, though I suspect people would be less likey to pick up a thunderbolt cable that has been tampered with than a usb key. That said, people are dumb.