
World’s first (known) bootkit for OS X can permanently backdoor Macs

BluntestTech

Pretty poor source you've got there. Link?

Ok here are the videos and what the other guys/girls posted 

  ﷲ   Muslim Member  ﷲ

KennyS and ScreaM are my role models in CSGO.

CPU: i3-4130 Motherboard: Gigabyte H81M-S2PH RAM: 8GB Kingston hyperx fury HDD: WD caviar black 1TB GPU: MSI 750TI twin frozr II Case: Aerocool Xpredator X3 PSU: Corsair RM650


Well, it seems like it would be extremely hard to remove, and even replacing your storage device or reinstalling the OS wouldn't remove it. Basically it has full control over your system. And how would you remove something you can't detect or know that it's there?

 

Hence needing to flush and reflash all hardware components' firmwares. Which is time-consuming, not at all fun, and possibly impossible if the bootkit runs before you get to the FW flashing utility.

 

This is weeks old

Also, it's basically just BadUSB for thunderbolt

 

 

Yeah it seems like this is very similar. Just that it uses Thunderbolt instead of USB.

Although one difference (I think) is that the USB exploit might not pass Secure Boot, while this exploit might.

 

Thunderbolt goes straight to the PCH (or at least can) and thus has access to pretty much everything. Thunderbolt can have much lower-level access to the computer's hardware than USB ever could due to essentially being a plug-and-play PCI-E device (USB has to go through a separate controller which needs to be initialized by the BIOS or OS IIRC). Might be wrong, but I think that's how it works.

Intel i7 5820K (4.5 GHz) | MSI X99A MPower | 32 GB Kingston HyperX Fury 2666MHz | Asus RoG STRIX GTX 1080ti OC | Samsung 951 m.2 nVME 512GB | Crucial MX200 1000GB | Western Digital Caviar Black 2000GB | Noctua NH-D15 | Fractal Define R5 | Seasonic 860 Platinum | Logitech G910 | Sennheiser 599 | Blue Yeti | Logitech G502

 

Nikon D500 | Nikon 300mm f/4 PF  | Nikon 200-500 f/5.6 | Nikon 50mm f/1.8 | Tamron 70-210 f/4 VCII | Sigma 10-20 f/3.5 | Nikon 17-55 f/2.8 | Tamron 90mm F2.8 SP Di VC USD Macro | Neewer 750II

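The reflashing point raised earlier in the thread (that you would have to reflash every component's firmware, and that a bootkit running before the flashing utility could defeat that) comes down to one question: is the boot flash writable at the moment untrusted code runs? Below is an added example, not code from this thread or from the Thunderstrike research, that decodes the Intel PCH registers gating writes to the BIOS region (BIOSWE, BLE and SMM_BWP in BIOS_CNTL, FLOCKDN in HSFS, and the PR protected-range registers) and produces the kind of verdict a firmware audit tool such as chipsec's bios_wp module gives. Bit positions follow Intel's ICH/PCH datasheets; the register values, the BIOS-region layout and the three-tier verdict labels are this example's own constructions, not readings from a real machine.

```python
"""Decode Intel PCH boot-flash write-protection state.

Added example (not from this thread). Bit positions follow the Intel ICH/PCH
datasheets: BIOS_CNTL lives in the LPC bridge's PCI config space at offset
0xDC, HSFS at SPIBAR+0x04 and the PR0..PR4 protected-range registers at
SPIBAR+0x74 onwards. Register values below are constructed, not captured."""
from __future__ import annotations
from dataclasses import dataclass

# BIOS_CNTL bits
BIOSWE = 1 << 0    # BIOS Write Enable: 1 = BIOS region currently writable
BLE = 1 << 1       # BIOS Lock Enable: setting BIOSWE raises an SMI so SMM can clear it again
SMM_BWP = 1 << 5   # SMM BIOS Write Protect: writes only honoured while all cores are in SMM
# HSFS bit
FLOCKDN = 1 << 15  # Flash Configuration Lock-Down: PRx registers frozen until reset
# PRx bit
PR_WPE = 1 << 31   # Write Protection Enable for that range


@dataclass(frozen=True)
class ProtectedRange:
    base: int            # first protected flash byte (inclusive)
    limit: int           # last protected flash byte (inclusive)
    write_protect: bool  # WPE set

    def covers(self, lo: int, hi: int) -> bool:
        return self.write_protect and self.base <= lo and hi <= self.limit


def decode_pr(raw: int) -> ProtectedRange:
    """PRB (bits 12:0) and PRL (bits 28:16) are 4 KiB page numbers; the limit
    names the last protected page, so fill in its low 12 bits."""
    base = (raw & 0x1FFF) << 12
    limit = (((raw >> 16) & 0x1FFF) << 12) | 0xFFF
    return ProtectedRange(base, limit, bool(raw & PR_WPE))


def flash_write_protection(bios_cntl: int, hsfs: int, prs: list[int],
                           bios_region: tuple[int, int]) -> dict:
    """Decode the bits and give a verdict for the BIOS region [lo, hi]:
    'locked'   - BLE=1, BIOSWE=0 and SMM_BWP=1, or a WPE range covers the
                 whole region while FLOCKDN pins the PR registers
    'weak'     - BLE=1, BIOSWE=0 but no SMM_BWP: relies on the SMI handler
    'writable' - none of the above (what a bootkit hopes to find)
    The tiering is this example's own; the bit meanings are the datasheet's."""
    lo, hi = bios_region
    bioswe = bool(bios_cntl & BIOSWE)
    ble = bool(bios_cntl & BLE)
    smm_bwp = bool(bios_cntl & SMM_BWP)
    flockdn = bool(hsfs & FLOCKDN)
    ranges = [decode_pr(r) for r in prs if r]

    cntl_locked = ble and not bioswe and smm_bwp
    # A PR range that is not locked down can simply be cleared by the attacker.
    pr_locked = flockdn and any(r.covers(lo, hi) for r in ranges)

    if cntl_locked or pr_locked:
        verdict = "locked"
    elif ble and not bioswe:
        verdict = "weak"
    else:
        verdict = "writable"
    return {"BIOSWE": bioswe, "BLE": ble, "SMM_BWP": smm_bwp, "FLOCKDN": flockdn,
            "protected_ranges": ranges, "verdict": verdict}


# Constructed snapshots: an 8 MiB flash whose BIOS region is the top 3 MiB.
BIOS_REGION = (0x500000, 0x7FFFFF)
OPEN = {"bios_cntl": 0x00, "hsfs": 0x0000, "prs": [0, 0, 0, 0, 0]}
LOCKED = {"bios_cntl": 0x22, "hsfs": 0x8000, "prs": [0x87FF0500, 0, 0, 0, 0]}

if __name__ == "__main__":
    for label, regs in (("open", OPEN), ("locked", LOCKED)):
        print(label, flash_write_protection(**regs, bios_region=BIOS_REGION)["verdict"])
```

On a live machine these values come from PCI config space and the SPI BAR (chipsec reads them for you); the point of the decoder is the verdict logic: a protected range is only meaningful once FLOCKDN is set, and BLE without SMM_BWP merely hands the decision to an SMI handler, so code running early enough at boot, before those bits are set, sees "writable" regardless of what the OS later reports.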

What's the big deal?  Wallet is already backdoored.

Anyone who has a sister hates the fact that his sister isn't Kasugano Sora.
Anyone who does not have a sister hates the fact that Kasugano Sora isn't his sister.
I'm not insulting anyone; I'm just being condescending. There is a difference, you see...


That seems to be down to Thunderbolt having direct boot access and is farther up the hierarchy than USB.

 

I wonder how Intel let this slip by though, especially considering TB is supposed to be marketed towards high end, and professional markets.

Or, there's a chance they knew, didn't care and it'll be fixed with TB v3, leaving previous users in a bad spot. 

 

Once again, never let anyone plug anything random in your system, as a security precaution. 

They must have known, but chose to ignore it.

I remember reading comments on 4chan about how this would be possible the same day Thunderbolt was announced. There is no way that Apple and Intel couldn't figure it out if random people on 4chan could. I am not so sure it can be fixed either since direct access is also one of the benefits of Thunderbolt (lower latency).

 

 

Thunderbolt goes straight to the PCH (or at least can) and thus has access to pretty much everything. Thunderbolt can have much lower-level access to the computer's hardware than USB ever could due to essentially being a plug-and-play PCI-E device (USB has to go through a separate controller which needs to be initialized by the BIOS or OS IIRC). Might be wrong, but I think that's how it works.

You're probably right.


They must have known, but chose to ignore it.

I remember reading comments on 4chan about how this would be possible the same day Thunderbolt was announced. There is no way that Apple and Intel couldn't figure it out if random people on 4chan could. I am not so sure it can be fixed either since direct access is also one of the benefits of Thunderbolt (lower latency).

 

 

You're probably right.

 

Yup, seems they just rolled it out anyway. It's the issue with the nature of the device and port.

 

Hopefully their next iteration will at least have addressed this. 

This makes me think of those Mission Impossible scenes where they just plug in a device and bam, they have access to everything :(

5950X | NH D15S | 64GB 3200Mhz | RTX 3090 | ASUS PG348Q+MG278Q

 


Ok here are the videos and what the other guys/girls posted 

 

Nice try, but once again, nowhere is it claimed that Macs don't get viruses.

 

I'll reiterate that the other links provided show no proof either.


Nice try, but once again, nowhere is it claimed that Macs don't get viruses.

 

I'll reiterate that the other links provided show no proof either.

They did in the video, and it's obvious. Open your eyes.


Nice try, but once again, nowhere is it claimed that Macs don't get viruses.

 

I'll reiterate that the other links provided show no proof either.

Nowhere does it explicitly say that "Macs don't get viruses", but they IMPLY it using the phrase "Macs don't get PC viruses". Now get off the high horse and realise not everything has to be explicitly stated to be considered said.

"Unofficially Official" Leading Scientific Research and Development Officer of the Official Star Citizen LTT Conglomerate | Reaper Squad, Idris Captain | 1x Aurora LN


Game developer, AI researcher, Developing the UOLTT mobile apps


G SIX [My Mac Pro G5 CaseMod Thread]


They did in the video, and it's obvious. Open your eyes.

 

In the video, PC has a virus. Mac says he won't contract the virus - Windows compatible viruses don't affect Macs. What part is making you think that Apple has claimed Macs don't get viruses at all?

 

Keep in mind that at the time this commercial was made, viruses on Macs were essentially non-existent, and was made before any substantial threats were present, unless you can provide sources that show otherwise.

 

 

'Macs don't get PC (referring to Windows based computers) viruses'.

 

The above statement is true.

 

If you're going to post shitty Reddit comic memes and admit that your reasoning is 'close enough', just give up.

 

 

Nowhere does it explicitly say that "Macs don't get viruses", but they IMPLY it using the phrase "Macs don't get PC viruses". Now get off the high horse and realise not everything has to be explicitly stated to be considered said.

 

No high horse, just calling people out on their bullshit.

 

You can interpret it to imply literally anything, it doesn't make it true.


In the video, PC has a virus. Mac says he won't contract the virus - Windows compatible viruses don't affect Macs. What part is making you think that Apple has claimed Macs don't get viruses at all?

 

Keep in mind that at the time this commercial was made, viruses on Macs were essentially non-existent, and was made before any substantial threats were present, unless you can provide sources that show otherwise.

 

 

'Macs don't get PC (referring to Windows based computers) viruses'.

 

The above statement is true.

 

If you're going to post shitty Reddit comic memes and admit that your reasoning is 'close enough', just give up.

 

 

 

No high horse, just calling people out on their bullshit.

 

You can interpret it to imply literally anything, it doesn't make it true.

Nope, it was generalized, and he didn't say "I don't get PC viruses"; he said PCs, as in only PCs get viruses and Macs don't.


 

No high horse, just calling people out on their bullshit.

 

You can interpret it to imply literally anything, it doesn't make it true.

Nope, you're on a high horse. Apple knows (and has always known) their customer base. They can say "Apple won't get PC viruses", which is a completely legitimate statement, and is true, since Windows kernel binaries don't work on Unix without binary translation. But they also know that their customers will interpret it as "Apple doesn't get viruses", which is of course completely false, but is a great marketing strategy. Now stop shitting on 3 different people proving you wrong, you're not Patrick for God's sake :P


Nope, it was generalized, and he didn't say "I don't get PC viruses"; he said PCs, as in only PCs get viruses and Macs don't.

 

Please return to elementary comprehension. If you're old enough to use a computer, you should be old enough to decipher what is being said in the commercial.

 

Unless English isn't your first language, then fair enough.

 

 

Nope, you're on a high horse. Apple knows (and has always known) their customer base. They can say "Apple won't get PC viruses", which is a completely legitimate statement, and is true, since Windows kernel binaries don't work on Unix without binary translation. But they also know that their customers will interpret it as "Apple doesn't get viruses", which is of course completely false, but is a great marketing strategy. Now stop shitting on 3 different people proving you wrong, you're not Patrick for God's sake :P

 

Who's Patrick?


 

Who's Patrick?

Doesn't really matter, just a guy who doesn't admit he's wrong.


Please return to elementary comprehension. If you're old enough to use a computer, you should be old enough to decipher what is being said in the commercial.

 

Unless English isn't your first language, then fair enough.

 

 

 

Who's Patrick?

Nah, I know my stuff; it's just you're only getting it the wrong way.


Gonna need a source on this one.

Quote from Steve Jobs from the grave... "Macs don't get viruses".

 (\__/)

 (='.'=)

(")_(")  GTX 1070 5820K 500GB Samsung EVO SSD 1TB WD Green 16GB of RAM Corsair 540 Air Black EVGA Supernova 750W Gold  Logitech G502 Fiio E10 Wharfedale Diamond 220 Yamaha A-S501 Lian Li Fan Controller NHD-15 KBTalking Keyboard


Windows doesn't get iOS viruses.

 

Time to get us some Mac users back.

 

I dunno, it isn't beyond the realms of possibility for this to happen to a Windows PC that used a Thunderbolt device.


I dunno, it isn't beyond the realms of possibility for this to happen to a Windows PC that used a Thunderbolt device.

 

So something that infects Macs' firmware will infect Windows? No, Windows machines won't be vulnerable to this malware, but yes, there might maybe be something that might use Thunderbolt to infect a Windows machine; unlikely, because Windows machines with Thunderbolt are rare.


I dunno, it isn't beyond the realms of possibility for this to happen to a Windows PC that used a Thunderbolt device.

The one made for Mac won't work on a Windows machine due to the differences between them. Yeah, Windows can probably get a similar issue, but not the exact same one xD.


Doesn't really matter, just a guy who doesn't admit he's wrong.

Should I tag him? I'd like to see you flaming each other.


Aww, that kinda stinks.

Main rig on profile

VAULT - File Server


Intel Core i5 11400 w/ Shadow Rock LP, 2x16GB SP GAMING 3200MHz CL16, ASUS PRIME Z590-A, 2x LSI 9211-8i, Fractal Define 7, 256GB Team MP33, 3x 6TB WD Red Pro (general storage), 3x 1TB Seagate Barracuda (dumping ground), 3x 8TB WD White-Label (Plex) (all 3 arrays in their respective Windows Parity storage spaces), Corsair RM750x, Windows 11 Education

Sleeper HP Pavilion A6137C


Intel Core i7 6700K @ 4.4GHz, 4x8GB G.SKILL Ares 1800MHz CL10, ASUS Z170M-E D3, 128GB Team MP33, 1TB Seagate Barracuda, 320GB Samsung Spinpoint (for video capture), MSI GTX 970 100ME, EVGA 650G1, Windows 10 Pro

Mac Mini (Late 2020)


Apple M1, 8GB RAM, 256GB, macOS Sonoma

Consoles: Softmodded 1.4 Xbox w/ 500GB HDD, Xbox 360 Elite 120GB Falcon, XB1X w/2TB MX500, Xbox Series X, PS1 1001, PS2 Slim 70000 w/ FreeMcBoot, PS4 Pro 7015B 1TB (retired), PS5 Digital, Nintendo Switch OLED, Nintendo Wii RVL-001 (black)


So something that infects Macs' firmware will infect Windows? No, Windows machines won't be vulnerable to this malware, but yes, there might maybe be something that might use Thunderbolt to infect a Windows machine; unlikely, because Windows machines with Thunderbolt are rare.

 

 

The one made for Mac won't work on a Windows machine due to the differences between them. Yeah, Windows can probably get a similar issue, but not the exact same one xD.

Obviously not this same "bootkit", but the vulnerability will still exist for Windows PCs. It is the same Thunderbolt interface plugging in to the same PCH which has the same level of access to system memory, device firmware, storage media and the CPU.

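The post above (and the earlier one making the same point) argues that Thunderbolt is a plug-and-play PCIe device on the PCH with access to system memory, whichever OS is running. Whether that access is actually contained is something you can check from the OS rather than assume. Below is an added example, not from this thread: a Python audit of the sysfs attributes the Linux thunderbolt driver exposes (domainN/security, domainN/iommu_dma_protection and <device>/authorized, documented in the kernel's admin-guide/thunderbolt.rst). The sysfs trees built by build_sample_tree() are constructed so the script runs offline; point audit_thunderbolt() at a real /sys to audit a live Linux machine. The risk wording and the choice of what to flag are the example's own.

```python
"""Audit Thunderbolt DMA exposure from the Linux side.

Added example, not from this thread. It reads the attributes the Linux
thunderbolt driver publishes under /sys/bus/thunderbolt/devices:
  domainN/security              none | user | secure | dponly | usbonly | nopcie
  domainN/iommu_dma_protection  1 when the kernel reports IOMMU-based DMA protection
  <device>/authorized           0 = no PCIe tunnel yet, 1 = authorized, 2 = key-authorized
The sample trees are constructed; nothing here is read from a real machine."""
from __future__ import annotations
import tempfile
from pathlib import Path


def _read(path: Path) -> str | None:
    """Read a single-value sysfs attribute, None if absent or unreadable."""
    try:
        return path.read_text().strip()
    except OSError:
        return None


def audit_thunderbolt(sysfs: Path = Path("/sys")) -> dict:
    """Return per-domain security level and DMA protection, per-device
    authorization, and a list of risk findings (empty means nothing to flag)."""
    tb = sysfs / "bus" / "thunderbolt" / "devices"
    report: dict = {"domains": {}, "devices": {}, "risk": []}
    if not tb.is_dir():
        report["risk"].append("no thunderbolt bus in sysfs (driver not loaded or no controller)")
        return report

    for dom in sorted(tb.glob("domain*")):
        sec = _read(dom / "security")
        dma = _read(dom / "iommu_dma_protection")
        report["domains"][dom.name] = {"security": sec, "iommu_dma_protection": dma}
        if sec == "none":
            report["risk"].append(f"{dom.name}: security level 'none', any plugged device gets a PCIe tunnel")
        if dma != "1":
            report["risk"].append(f"{dom.name}: IOMMU DMA protection not active, device DMA can reach all RAM")

    # Devices are named <domain>-<route>; <domain>-0 is the host router itself.
    for dev in sorted(p for p in tb.glob("*-*") if not p.name.endswith("-0")):
        auth = _read(dev / "authorized")
        report["devices"][dev.name] = {"authorized": auth, "name": _read(dev / "device_name")}
        dom_dma = report["domains"].get(f"domain{dev.name.split('-')[0]}", {}).get("iommu_dma_protection")
        if auth in ("1", "2") and dom_dma != "1":
            report["risk"].append(f"{dev.name}: authorized PCIe tunnel with no IOMMU containment")
    return report


def build_sample_tree(root: Path, security: str, dma: str, devices: dict[str, str]) -> Path:
    """Write a constructed, minimal sysfs layout (not a real machine) for offline runs."""
    tb = root / "bus" / "thunderbolt" / "devices"
    dom = tb / "domain0"
    dom.mkdir(parents=True)
    (dom / "security").write_text(security + "\n")
    (dom / "iommu_dma_protection").write_text(dma + "\n")
    for name, authorized in devices.items():
        d = tb / name
        d.mkdir()
        (d / "authorized").write_text(authorized + "\n")
        (d / "device_name").write_text("Constructed Thunderbolt adapter\n")
    return root


def demo() -> dict[str, dict]:
    """Audit two constructed trees: an open configuration (everything auto-
    authorized, no IOMMU) and a hardened one (user approval required, IOMMU on)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        open_root = build_sample_tree(Path(tmp) / "open", "none", "0", {"0-1": "1"})
        hard_root = build_sample_tree(Path(tmp) / "hard", "user", "1", {"0-1": "0"})
        results["open"] = audit_thunderbolt(open_root)
        results["hardened"] = audit_thunderbolt(hard_root)
    return results


if __name__ == "__main__":
    for label, rep in demo().items():
        print(label, rep["domains"], rep["risk"] or "no findings")
```

The two findings worth acting on are the domain-level ones: a security level of "none" means the firmware tunnels PCIe to anything plugged in without asking, and a missing IOMMU DMA protection flag means an authorized device's DMA is not confined, which is the "access to everything" the post describes. A device sitting at authorized=0 is visible on the bus but has no PCIe path yet.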

Well, actually: http://www.telegraph.co.uk/technology/apple/9355995/Apple-drops-virus-immunity-claim-for-Macs.html

 

Before that, Apple had kind of claimed that Macs are immune to viruses.

 


Nothing about that is incorrect. Macs do not in fact get PC viruses. It's word tricks, but still correct in its literal statement.
