NEW YORK: Apple administrators are learning that assailants have the capacity to hit MacBook computers with highly proficient boot root kits by connecting a malicious device to any MacBook computer via Thunderbolt interface.
This new attack, which is being called “Thunderstrike,” will install malicious code in a MacBook’s boot ROM (the ‘read-only-memory’), stored in one chip on the motherboard. This vulnerability was engineered by a security researched by the name of Trammell Hudson based on an existing vulnerability from two years ago. He will demonstrate how this works next week, at the 31st Chaos Communication Congress in Hamburg.
“It is possible to use a Thunderbolt Option ROM to circumvent the cryptographic signature checks in Apple’s EFI firmware update routines,” explains Hudson in a description of his presentation. “This allows an attacker with physical access to the machine to write untrusted code of the SPI flash ROM on the motherboard and creates a new class of firmware bootkits for the MacBook systems.”
Tesla driverless system to use updated radar technology
WASHINGTON: Electric carmaker Tesla announced Sunday it was upgrading its Autopilot software to use more advanced radar technology. In a...