At the last congress
in Hamburg Chaos Computer vulnerability was demonstrated by means of which we can rewrite the firmware your Mac. It is noteworthy that this is done with a device with built-in Thunderbolt, which is equipped with all modern computers, without exception, Apple.
Hack is called Thunderstrike and uses modified to attack computer code stored in a read only memory or ROM. Extends it with the help of devices connected via Thunderbolt. Being connected to the computer, it quietly rewrites firmware poppy.
Such a method of computer hacking is not only impossible to detect, but it also can not be easily removed - reinstall OS X is unable to remove the infected code firmware. Furthermore, Thunderstrike also stores information on the disc, so drive the replacement will not result. Thus, the "cure» Mac only replacement firmware, known as EFI. However, this would require special equipment, as regular methods to update the firmware again fail.
As the specialist, who discovered the vulnerability, Apple is aware of the potential problem and has already implemented some changes in the new Thunderbolt interface Mac mini and iMac display Retina 5K. However, these solutions while offering only partial protection and can still be overcome. In addition, Apple has yet to protect the rest of poppies, equipped with Thunderbolt.
The only solace for owners of Apple computers may be the fact that the attacker always need immediate access to your Mac to infect it. Also, nothing is known of such cases that have already taken place, although it is questionable security guarantee.
http://www.iphones.ru/iNotes/396868
No comments :
Post a Comment