Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Thunderbolt Support Still Has Problems On Linux

  1. #1
    Join Date
    Jan 2007
    Posts
    15,646

    Default Thunderbolt Support Still Has Problems On Linux

    Phoronix: Thunderbolt Support Still Has Problems On Linux

    While there were some initial problems with Thunderbolt support on Linux, most of the early problems with the new technology have been worked out with recent kernel updates. Unfortunately, some problems remain with this high-speed I/O interface...

    http://www.phoronix.com/vr.php?view=MTI1MTc

  2. #2
    Join Date
    May 2011
    Posts
    1,611

    Default

    Fortunately for now the utility of Thunderbolt remains a bit suspect, especially considering the cost angle.

    I was hoping it would provide a cheap alternative to 10 GbE but it doesn't seem there are any networking capabilities forthcoming. Most of the TB products as of now aren't particularly interesting -- at least to me, but I think that applies to the market overall.

  3. #3
    Join Date
    Dec 2011
    Posts
    2,195

    Default Thunderbolt bad security

    Thunderbolt hooks directly into the PCI Express so it is bad security since it can do DMA access.

    So having a Thunderbolt port on your computer makes it vulnerable to anyone plugging in a malicious Thunderbolt device.

    Then it can read memory and bypass your operating system security.

  4. #4
    Join Date
    Jun 2012
    Posts
    366

    Default

    Quote Originally Posted by uid313 View Post
    Thunderbolt hooks directly into the PCI Express so it is bad security since it can do DMA access.

    So having a Thunderbolt port on your computer makes it vulnerable to anyone plugging in a malicious Thunderbolt device.

    Then it can read memory and bypass your operating system security.
    And opening the cover and putting in a PCI-E device is that much harder? Are you going to argue that PCI-E can bypass security because it can do DMA access?

  5. #5
    Join Date
    Dec 2011
    Posts
    2,195

    Default

    Quote Originally Posted by gamerk2 View Post
    And opening the cover and putting in a PCI-E device is that much harder? Are you going to argue that PCI-E can bypass security because it can do DMA access?
    A laptop cannot be opened to insert a PCI-E card.

    As for desktop and servers, they can be physically secured to prevent the case from getting opened.
    Also, opening the case can trigger chassis intrusion detection.

  6. #6
    Join Date
    May 2011
    Posts
    1,611

    Default

    Quote Originally Posted by uid313 View Post
    A laptop cannot be opened to insert a PCI-E card.
    Can't you just boot a Linux Live CD, chroot and then rm -rf /*?

  7. #7
    Join Date
    Dec 2011
    Posts
    2,195

    Default

    Quote Originally Posted by johnc View Post
    Can't you just boot a Linux Live CD, chroot and then rm -rf /*?
    No because the system firmware (BIOS, UEFI, etc) can be configured to disallow booting from removable devices (USB and CD).

  8. #8
    Join Date
    May 2011
    Posts
    1,611

    Default

    Quote Originally Posted by uid313 View Post
    No because the system firmware (BIOS, UEFI, etc) can be configured to disallow booting from removable devices (USB and CD).
    But can't you disable Thunderbolt in the BIOS as well?

    Not that it isn't trivial to clear a BIOS password / configuration.

    Generally, if there is physical access to a system, there is no security.

  9. #9
    Join Date
    Nov 2008
    Location
    Madison, WI, USA
    Posts
    884

    Default

    Quote Originally Posted by uid313 View Post
    A laptop cannot be opened to insert a PCI-E card.
    http://en.wikipedia.org/wiki/PCI_Exp...ress_Mini_Card

    Many laptops run their 802.11n wireless through a mini PCI-E card, which can be replaced by the user. Just need a screwdriver and a few seconds.


    Quote Originally Posted by johnc View Post
    Generally, if there is physical access to a system, there is no security.
    Agreed. I can't count the number of times someone came to me and said they forgot their password, or that windows wouldn't boot anymore... so I pulled the drive, put it in a USB case, and did whatever was needed to fix their problem.

    At least some systems allow full-disk encryption which requires a password to boot. It doesn't prevent tomfoolery through hardware key loggers, but at least someone who just finds your laptop on a park bench won't be able to get at all your files.
    Last edited by Veerappan; 12-14-2012 at 01:37 PM.

  10. #10
    Join Date
    Dec 2011
    Posts
    2,195

    Default

    Quote Originally Posted by johnc View Post
    But can't you disable Thunderbolt in the BIOS as well?
    I don't know, but I surely hope so.

    Quote Originally Posted by johnc View Post
    Not that it isn't trivial to clear a BIOS password / configuration.

    Generally, if there is physical access to a system, there is no security.
    To boot from a LiveCD or USB you must restart the computer and if the disk is encrypted then you can't access anything on it.

    With Thunderbolt you can access everything even without restarting the computer, hence full-disk encryption doesn't protect you against that.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •