Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi all! We have been experiencing an issue on site where threads have been missing the latest postings. The platform host Vanilla are working on this issue. A workaround that has been used by some is to navigate back from 1 to 10+ pages to re-sync the thread and this will then show the latest posts. Thanks, Mike.
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Thunderstruck 2

Comments

  • #2
    Zcott
    Registered Users, Registered Users 2 Posts: 3,206 ✭✭✭Zcott


    As usual, don't download files you don't trust, don't open links you don't trust, don't plug in accessories you don't trust (because this is a virus exploiting firmware on things like Thunderbolt accessories).

    From iMore:
    Of the six vulnerabilities the researchers tested, five were found to affect the Mac. The same researchers said that Apple has already patched one of those vulnerabilities and partially patched another. OS X 10.10.4 breaks the proof-of-concept by restricting how Thunderstrike can get onto the Mac. Whether OS 10.10.5 breaks it even more, or proves to be even more effective at preventing this type of attack altogether, remains to be seen.


  • #3
    Sad Professor
    Moderators, Category Moderators, Arts Moderators, Entertainment Moderators, Technology & Internet Moderators Posts: 22,680 CMod ✭✭✭✭Sad Professor


    Rich Mogull has a good post on this. It’s just a proof of concept and is nothing to worry about.
    Is there anything I need to do?

    No, nearly everyone can ignore Thunderstrike 2 entirely. The research really is excellent, compelling work that the Wired piece unfortunately turned into a bit of a fright-fest. The Web attack vector, in particular, is blocked in OS X 10.10.4. The worm can’t automatically jump air gaps — those in sensitive environments can easily protect themselves by being careful where they source their Thunderbolt devices, and this entire family of firmware attacks is likely to become a lot more difficult as hardware improves, and as device manufacturers update their firmware code.

    I have no doubt similar attacks will continue to be used, especially against high-value targets, but the economics make it highly unlikely this is something we will ever see used at scale against consumers.

    ...

    This research plays an extremely valuable role in helping keep us all safe. Finding problems before the bad guys do, and reporting those problems to the vendors (as these researchers did to Apple), helps keep us all safer going forward. But when the research is reported by the media without sufficient context, it creates unwarranted fear. This is one of those situations where high-quality research is being blown out of proportion for page views. I suppose it’s still better than watching political ads.


  • #4
    muggyog
    Registered Users, Registered Users 2 Posts: 725 ✭✭✭muggyog


    "This research plays an extremely valuable role in helping keep us all safe."

    While I was aware that this is a proof of concept it is thanks to the likes of Trammell Hudson that such vulnerabilities are highlighted.

    As a by the way, he really DOES have a ROM obsession!


Advertisement