Announcement

Collapse
No announcement yet.

Thunderbolt Support Still Has Problems On Linux

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Thunderbolt Support Still Has Problems On Linux

    Phoronix: Thunderbolt Support Still Has Problems On Linux

    While there were some initial problems with Thunderbolt support on Linux, most of the early problems with the new technology have been worked out with recent kernel updates. Unfortunately, some problems remain with this high-speed I/O interface...

    http://www.phoronix.com/vr.php?view=MTI1MTc

  • #2
    Fortunately for now the utility of Thunderbolt remains a bit suspect, especially considering the cost angle.

    I was hoping it would provide a cheap alternative to 10 GbE but it doesn't seem there are any networking capabilities forthcoming. Most of the TB products as of now aren't particularly interesting -- at least to me, but I think that applies to the market overall.

    Comment


    • #3
      Thunderbolt bad security

      Thunderbolt hooks directly into the PCI Express so it is bad security since it can do DMA access.

      So having a Thunderbolt port on your computer makes it vulnerable to anyone plugging in a malicious Thunderbolt device.

      Then it can read memory and bypass your operating system security.

      Comment


      • #4
        Originally posted by uid313 View Post
        Thunderbolt hooks directly into the PCI Express so it is bad security since it can do DMA access.

        So having a Thunderbolt port on your computer makes it vulnerable to anyone plugging in a malicious Thunderbolt device.

        Then it can read memory and bypass your operating system security.
        And opening the cover and putting in a PCI-E device is that much harder? Are you going to argue that PCI-E can bypass security because it can do DMA access?

        Comment


        • #5
          Originally posted by gamerk2 View Post
          And opening the cover and putting in a PCI-E device is that much harder? Are you going to argue that PCI-E can bypass security because it can do DMA access?
          A laptop cannot be opened to insert a PCI-E card.

          As for desktop and servers, they can be physically secured to prevent the case from getting opened.
          Also, opening the case can trigger chassis intrusion detection.

          Comment


          • #6
            Originally posted by uid313 View Post
            A laptop cannot be opened to insert a PCI-E card.
            Can't you just boot a Linux Live CD, chroot and then rm -rf /*?

            Comment


            • #7
              Originally posted by johnc View Post
              Can't you just boot a Linux Live CD, chroot and then rm -rf /*?
              No because the system firmware (BIOS, UEFI, etc) can be configured to disallow booting from removable devices (USB and CD).

              Comment


              • #8
                Originally posted by uid313 View Post
                No because the system firmware (BIOS, UEFI, etc) can be configured to disallow booting from removable devices (USB and CD).
                But can't you disable Thunderbolt in the BIOS as well?

                Not that it isn't trivial to clear a BIOS password / configuration.

                Generally, if there is physical access to a system, there is no security.

                Comment


                • #9
                  Originally posted by uid313 View Post
                  A laptop cannot be opened to insert a PCI-E card.
                  http://en.wikipedia.org/wiki/PCI_Exp...ress_Mini_Card

                  Many laptops run their 802.11n wireless through a mini PCI-E card, which can be replaced by the user. Just need a screwdriver and a few seconds.


                  Originally posted by johnc View Post
                  Generally, if there is physical access to a system, there is no security.
                  Agreed. I can't count the number of times someone came to me and said they forgot their password, or that windows wouldn't boot anymore... so I pulled the drive, put it in a USB case, and did whatever was needed to fix their problem.

                  At least some systems allow full-disk encryption which requires a password to boot. It doesn't prevent tomfoolery through hardware key loggers, but at least someone who just finds your laptop on a park bench won't be able to get at all your files.
                  Last edited by Veerappan; 12-14-2012, 12:37 PM.

                  Comment


                  • #10
                    Originally posted by johnc View Post
                    But can't you disable Thunderbolt in the BIOS as well?
                    I don't know, but I surely hope so.

                    Originally posted by johnc View Post
                    Not that it isn't trivial to clear a BIOS password / configuration.

                    Generally, if there is physical access to a system, there is no security.
                    To boot from a LiveCD or USB you must restart the computer and if the disk is encrypted then you can't access anything on it.

                    With Thunderbolt you can access everything even without restarting the computer, hence full-disk encryption doesn't protect you against that.

                    Comment


                    • #11
                      Originally posted by uid313 View Post
                      A laptop cannot be opened to insert a PCI-E card.
                      You can remove the bottom panel to install a mini-PCIe card, or you could just put in an expresscard.

                      Comment

                      Working...
                      X