Communications of the ACM
Most Laptops Vulnerable to Attack via Peripheral Devices, Say Researchers
Researchers have found that hackers can potentially hijack unattended computing devices through peripherals like chargers and docking stations.
Credit: University of Cambridge
Researchers at the University of Cambridge in the U.K. and Rice University have determined that hackers can potentially hijack unattended computing devices in seconds through peripherals like chargers and docking stations.
The researchers uncovered flaws in computers with Thunderbolt ports running Windows, macOS, Linux, and FreeBSD, and drew from that the conclusion that many modern laptops and a growing number of desktops are vulnerable.
The flaws were exposed via Thunderclap, an open source platform created to study the security of peripherals and their interactions with operating systems (OSes).
Peripherals such as network cards and graphics processing units have direct memory access (DMA), allowing them to circumvent OS security policies.
Current systems have input-output memory management units that shield against DMA attacks by limiting memory access to peripherals that execute legitimate functions, and only permit access to non-sensitive regions of memory.
However, these safeguards are often deactivated in many systems, and can be compromised even when active.
From University of Cambridge (U.K.)
View Full Article
Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA
No entries found