undefined | Better HN

0 pointstptacek5y ago0 comments

Because they need to open up the victim's device to read its TB3 configuration directly off the SPI flash that holds it; that's how they get the malicious device to work in the first place.

0 comments

redactions5y ago

Many smaller devices do not require tools and are trivial to clone. Any of the victim devices will do. It's not only useful to attack a target computer.

Device identifiers and capabilities are not bound to the security level secret values. Drop off a pre-cloned video adapter in a conference room. If it is used and as a result authorized by a targeted computer at a later moment in time, it's game over. An attacker may now perform DMA operations unless the system has kDMA protection enabled. This requires kDMA support in the BIOS, IOMMU hardware, and in the Operating System.

The focus on DMA is however missing a very important observation about security levels from the research: There is a lot of attack surface when you're able to plug in a PCI(e) device as easily as a USB disk.

tptacekOP5y ago

You almost certainly know more about this than me, but hasn't macOS been breaking this attack --- malicious PCIE DMA --- for several years now with its IOMMU configuration? Ivan Krstic has a whole series of BH slides about this, and in the context of T2.

The point about attacking trusted devices and pre-cloning devices is well taken.

redactions5y ago

Yes. With MacOS and Thunderbolt 3 devices on Apple hardware the IOMMU is used as expected. This should handle DMA attacks when booted into MacOS.

An important caveat: the IOMMU alone will not handle every other issue that comes with malicious PCI(e) devices.

boxed5y ago

That seems a bit counter to "Thunderspy is stealth, meaning that you cannot find any traces of the attack". No traces on the computer sure, but breaking apart my screen might be possible to see.

withinboredom5y ago

Unless they opened it before you even receive the device.

j / k navigate · click thread line to collapse

0 comments

redactions5y ago

Many smaller devices do not require tools and are trivial to clone. Any of the victim devices will do. It's not only useful to attack a target computer.

tptacekOP5y ago

The point about attacking trusted devices and pre-cloning devices is well taken.

redactions5y ago

Yes. With MacOS and Thunderbolt 3 devices on Apple hardware the IOMMU is used as expected. This should handle DMA attacks when booted into MacOS.

An important caveat: the IOMMU alone will not handle every other issue that comes with malicious PCI(e) devices.

boxed5y ago

That seems a bit counter to "Thunderspy is stealth, meaning that you cannot find any traces of the attack". No traces on the computer sure, but breaking apart my screen might be possible to see.

withinboredom5y ago

Unless they opened it before you even receive the device.

j / k navigate · click thread line to collapse