Most of them actually specifically require that Thunderbolt security features be turned off because otherwise signed drivers are required to be installed before the peripheral will even connect. This is essentially one of the core messages you should take away from the field of hardware security.Įvery source that I can find regarding the 2016 DMA vulnerabilities disagrees with you. For devices that aren’t designed to resist emulation, which thunderbolt devices generally aren’t, it’s trivial. Even for devices that are designed with the express purpose of being hard to emulate (auth tokens, DRM chips, iPhone cables), it’s at most a simple matter of a grad student or Shenzhen resident with access to a fume hood and an electron microscope finding some burned-in private keys.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |