https://thunderspy.io/
"Thunderspy targets devices with a Thunderbolt port. If your computer
has such a port, an attacker who gets brief physical access to it can
read and copy all your data, even if your drive is encrypted and your
computer is locked or set to sleep.
Thunderspy is stealth, meaning that you cannot find any traces of the
attack. It does not require your involvement, i.e., there is no phishing
link or malicious piece of hardware that the attacker tricks you into
using. Thunderspy works even if you follow best security practices by
locking or suspending your computer when leaving briefly, and if your
system administrator has set up the device with Secure Boot, strong BIOS
and operating system account passwords, and enabled full disk
encryption. All the attacker needs is 5 minutes alone with the computer,
a screwdriver, and some easily portable hardware."
Intel does it again. Via Wired and Linux Weekly News:
https://www.wired.com/story/thunderspy-thunderbolt-evil-maid-hacking/
https://lwn.net/
Cheers,
*** Xanni ***
--
mailto:xanni@xanadu.net Andrew Pam
http://www.xanadu.com.au/ Chief Scientist, Xanadu
http://www.glasswings.com.au/ Partner, Glass Wings
http://www.sericyb.com.au/ Manager, Serious Cybernetics