All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com

Thank you for buying via links and ads on this site,
which earn me advertising fees or commissions.
As an Amazon Associate I earn from qualifying purchases.

Other World Computing...
B&H Photo...
Amazon
As an Amazon Associate I earn from qualifying purchases.
Memory Upgrades for 2019 Mac Pro - Save Up to 65% vs Factory Costs
877-865-7002
Today’s Deal Zone Items... Handpicked deals...
$209 $129
SAVE $80

$91 $40
SAVE $51

$3049 $2399
SAVE $650

$3508 $2998
SAVE $510

$1849 $1199
SAVE $650

$998 $848
SAVE $150

$3999 $2998
SAVE $1001

$2299 $1799
SAVE $500

$1597 $1297
SAVE $300

$80 $33
SAVE $46

$2299 $1799
SAVE $500

$1898 $1498
SAVE $400

$2799 $2299
SAVE $500

$2299 $1799
SAVE $500

$600 $400
SAVE $200

$240 $175
SAVE $65

$699 $499
SAVE $200

$400 $300
SAVE $100

$1599 $1398
SAVE $201

$2042 $1597
SAVE $445

$1699 $999
SAVE $700

$180 $100
SAVE $80

$1199 $1099
SAVE $100

$1199 $1099
SAVE $100

$999 $949
SAVE $50

$1849 $1199
SAVE $650

$400 $300
SAVE $100

$1699 $999
SAVE $700

Plugging in an Unknown Thunderbolt or USB-C Device is Electronic Unprotected Sex: the “Thunderclap” Vulnerability

I wonder if Apple can even address this issue?

Basically, NEVER plug in a device that is not your own. The “social engineering” required to compromise a computer is surely in use by national security agencies to compromise targets, but it could become fairly common if the risks are not plugged.

Consider the juicy prize of compromising a public library or airport kiosk, etc with a compromised USB-C charger. Dang. NEVER charge at a public charging station with a Thunderbolt 3/USB-C charger suplied there. Bring your own power adapter and use that. (For similar reasons, I never use public WiFi but instead use my own personal WiFi hotspot via USB cable to my phone).

Hope that Chinese parts in your Thunderbolt 3 peripherals are all free of secret hardware compromises (impossible to know of course). With whole Huaweii fiasco, this idea is far from farfetched. I wonder if Thunderbolt 3 product vendors should be doing security audits of the chips they use?

At Thunderclap.io:

Modern computers are vulnerable to malicious peripheral devices

These vulnerabilities allow an attacker with physical access to a Thunderbolt port to compromise a target machine in a matter of seconds, running arbitrary code at the highest privilege level and potentially gaining access to passwords, banking logins, encryption keys, private files, browsing and other data. Attacks exploiting these vulnerabilities can also be carried out by seemingly innocuous peripherals like chargers and projectors that correctly charge or project video but simultaneously compromise the host machine.

...

Thunderbolt 4 Dock

Thunderbolt 4 hub and ports!

Any Mac with Thunderbolt 3.


OWC Thunderblade Thunderbolt 3 SSD

Blazing fast, up to 16TB.

YEE HAH!



√ No more slow and noisy hard drives!
OWC Envoy Pro Elektron

Ultra-high performance across entire capacity, outperforms the competition.

Tiny, bus-powered, rugged, compact!


√ No more slow and noisy hard drives!
OWC Accelsior 4M2 PCIe SSD
6000 MB/sec!
Mac or PC.


Ideal for Lightroom, Photoshop, video.
Capacity up to 16TB!

Deals Updated Daily at B&H Photo
View all handpicked deals...

Pelican 7000 LED Flashlight v2 (Black)
$91 $40
SAVE $51

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__