Thunderbolt Rootkit Vector

Posted by Soulskill on Tuesday December 23, 2014 @07:46AM from the like-USB-but-better dept.

New submitter Holi sends this news from PC World: Attackers can infect MacBook computers with highly persistent boot rootkits by connecting malicious devices to them over the Thunderbolt interface. The attack, dubbed Thunderstrike, installs malicious code in a MacBook's boot ROM (read-only memory), which is stored in a chip on the motherboard. It was devised by a security researcher named Trammell Hudson based on a two-year old vulnerability and will be demonstrated next week at the 31st Chaos Communication Congress in Hamburg.

1 of 163 comments (clear)

Min score:

Reason:

Sort:

Writing to ROM? Wrong. by pubwvj · 2014-12-23 08:57 · Score: 1, Redundant

"installs malicious code in a MacBook's boot ROM (read-only memory)"
Nope. It may write to EPROM or something like that but by definition it can not write to ROM. ROM means Read Only Memory and as such there is no writing to it. EPROM or some other flavor of Erasable Programmable Read Only Memory is what it would have to be working with. Too bad writers can't read. Not even their own sentences. Or perhaps they can't comprehend. IM (Incomprehensible Memory) in the case of the OP.