SoylentNews

Leebert [soylentnews.org] writes:

ArsTechnica, among others, is reporting [arstechnica.com] about a proof-of-concept exploit that can compromise the firmware of a Mac with only brief physical access. The exploit, dubbed "Thunderstrike [trmm.net]", works by connecting a malicious Thunderbolt device to the Mac.

Because the exploit can change the RSA public keys in the boot ROM, it can deliver firmware that is all but impossible to replace.

It opens up all sorts of interesting attacks, including snarfing passwords for encrypted hard disks. I'm personally tempted to hang around Starbucks for a while and wait for an aspiring novelist to go to the bathroom or get a drink refill...

---

Original Submission