Announcement

Collapse
No announcement yet.

Intel Offers Up Royalty-Free Thunderbolt 3 To USB Promoter Group

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Intel Offers Up Royalty-Free Thunderbolt 3 To USB Promoter Group

    Phoronix: Intel Offers Up Royalty-Free Thunderbolt 3 To USB Promoter Group

    Intel has announced they are contributing the Thunderbolt 3 specification to the USB Promoter Group and making it royalty-free for other hardware vendors to implement support for it. Plus it was also announced the USB4 specifcation is based on the Thunderbolt protocol...

    http://www.phoronix.com/scan.php?pag...o-USB-Promoter

  • #2
    Finally! I was wondering, when USB will be adding PCIe routing. Kudos to Intel for doing the right thing!

    Comment


    • #3
      Better late than never, I guess. Hopefully, we'll finally get some cheaper eGPU cases...

      Comment


      • #4
        The main problem with this is thunderbolt is inherently insecure... so you can end up with devices on your system that have full DMA access, and you have no idea what they are doing. USB on the other hand is mostly geared toward storage and perpherials IO.

        Comment


        • #5
          So 10 years later, the circle is complete: USB becomes firewire ...

          Comment


          • #6
            Yay. Only 1 year late.

            Comment


            • #7
              Originally posted by cb88 View Post
              The main problem with this is thunderbolt is inherently insecure... so you can end up with devices on your system that have full DMA access, and you have no idea what they are doing. USB on the other hand is mostly geared toward storage and perpherials IO.
              It's only insecure if you implement it in such a way that devices are auto-configured upon connection. If my memory serves me correctly there was talk about changing behavior so that Thunerbolt devices are not auto-configured when connected, but I'm not sure if that ever went anywhere as I don't own or use any thunderbolt devices. Mind you, thunderbolt devices are far from the only devices with DMA that can be connected via USB.

              There's the proof-of-concept PoisonTap Raspberry Pi pretending to be an ethernet device (ethernet devices having DMA as per design) not to mention the potential being able to compromise DMA-capable devices that are already in the system like they did in the Broadpwn attack. Particularly Ethernet devices are vulnerable to the latter attack on account of being outwards facing and run by Turing complete microcontrollers running an internal operating system.
              "Why should I want to make anything up? Life's bad enough as it is without wanting to invent any more of it."

              Comment


              • #8
                Originally posted by cb88 View Post
                The main problem with this is thunderbolt is inherently insecure... so you can end up with devices on your system that have full DMA access, and you have no idea what they are doing. USB on the other hand is mostly geared toward storage and perpherials IO.
                That's what IOMMU is for. It has been available for a decade or so, in the consumer CPUs. With that, devices with DMA have no full memory access.

                Comment


                • #9
                  USB 4? Not USB 3.2.5.7.54.a.rc3?

                  Comment


                  • #10
                    Originally posted by lu_tze View Post
                    That's what IOMMU is for. It has been available for a decade or so, in the consumer CPUs. With that, devices with DMA have no full memory access.
                    That's not enough:

                    [...]
                    It is not sufficient to simply enable
                    basic IOMMU protections in the PCIe bus framework and
                    consider the job finished. Our findings show there is no defense
                    in depth: the layers beyond, such as communication stacks and
                    memory allocators, are not hardened against malicious devices.
                    [...]

                    Comment

                    Working...
                    X