The Thunderbolt interface is an interface used for connecting peripheral devices to many modern computers. Thunderbolt connections (with the familiar lightning arrow symbol - see Figure 1) support fast transfer of audio, video, and other data over a single cable and can also charge devices connected through the same interface.
The Thunderbolt specification was developed by Intel in collaboration with Apple. Many users might think of Thunderbolt in the context of Apple hardware. Apple actually started shipping MacBook Pro models with the interface back in 2011 (see the box entitled "Thunderbolt Through the Years"). Thunderbolt has become a common feature on MacBook computers, as well as many other Intel-based systems.
Through the years, however, the power and speed of Thunderbolt has led to some security issues. Like other technologies that communicate with a syste via PCI Express (PCIe), Firewire, or similar protocols, Thunderbolt supports direct access to system memory. Directly accessing memory enables fast data transfer rates, but it also poses a security risk, because many different components access memory at the same time, which creates the potential for a DMA attack. (A DMA attack involves unauthorized access to the system memory in order to read arbitrary data.)
Security concerns have led to a new approach with recent Thunderbolt versions. Some of the basic security features available in Thunderbolt 3 have been enhanced for version 4. Thunderbolt now uses the Intel Virtualization Technology for Directed I/O (VT-d) to provide protection against DMA attacks.
This story is from the #260/July 2022: Privacy edition of Linux Magazine.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 8,500+ magazines and newspapers.
Already a subscriber ? Sign In
This story is from the #260/July 2022: Privacy edition of Linux Magazine.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 8,500+ magazines and newspapers.
Already a subscriber? Sign In
URL filtering with Pi-hole Into the Funnel
Supporting browser plug-ins, network-based DNS blockers like Pi-hole help protect you against online tracking and unwanted content.
Artificial intelligence on the Raspberry Pi Learning Experience
You don't need a powerful computer system to use Al. We show what it takes to benefit from Al on the Raspberry Pi and what tasks the small computer can handle.
MakerSpace Manage your greenhouse with a Raspberry Pi Pico W Sheltered Growth
You can safely assign some greenhouse tasks to a Raspberry Pi Pico W, such as controlling ventilation, automating a heater, and opening and closing windows.
Control Center
Tipi gives you complete control of more than 100 applications and services. A mouse click is all it takes to install the apps.
In One Fell Swoop
Topgrade detects all the package managers installed on a system and executes them one by one at the command line.
Go Faster!
The fastest way through a curve on a racetrack is along the racing line. Instead of heading for Indianapolis, Mike Schilli trains his reflexes with a desktop application written in Go, just to be on the safe side.
Math Magic
MathLex lets you easily transform handwritten math formulas to digital format and use them on the web.
Custom Repair Toolkit
You can do more with System Rescue than just repair broken systems. By adding tools and scripts, you can create a custom rescue environment that meets your needs.
At Your Disposal
Debvm lets you quickly create a temporary virtual machine with a small memory footprint, ideal for testing scripts or mixing repositories
A Fresh Breeze
Vanilla OS, an immutable filesystem, seamlessly integrates applications from other distributions with an innovative container-based package manager.
