Thunderbolt Connection Flaw Places Millions of PCs Under Hacking Threat

OpenAI and Concerns with the Rollout of Chat GPT-4

The latest iteration of the AI language model is bigger, faster, and potentially dangerous The OpenAI CEO, Sam Altman, in a recent interview with ABC News talked about the rollout of GPT-4. In the interview, Altman starkly warned the new technology could be used for “large-scale disinformation” and potentially assist in cyberattacks. For what this technology promises, Altman has a strong reason to believe that certain ‘bad actors’ who don’t put some of the safety limits that OpenAI puts on. Gifted with the potential to reshape society, for better or worse, our fascination with AI and Chat GPT in particular

March 22, 2023

Meta Moves on from NFTs to Focus On Other Ways to Support Creators, People, and Businesses

Space left to grow NFT and Web3 content creator communities, but with whose tools? Meta last week announced plans to end support for NFTs on Facebook and Instagram, less than a year after jumping on the digital asset bandwagon. The move was announced Monday, March 13th, by Meta commerce and fintech lead Stephane Kasriel. Kasriel wrote in a tweet: “We’re winding down digital collectibles (NFTs) for now to focus on other ways to support creators, people, and businesses.” It hasn’t been easy for the entire crypto sector recently. And it’s no surprise that investors have decidedly soured on both cryptocurrency

March 19, 2023

Crypto Casino Candy Club Helps Token Projects Defy Bear Market

New feature CandyGold enables communities of token projects to enter the platform and claim rewards in a variety of tokens. In the 15 months since Bitcoin peaked at over $68,000, the crypto industry has been hit with an ongoing winter due to macroeconomic challenges and catastrophic events, from the collapse of Terra Luna and the FTX fallout, to the recent Silvergate-induced banking crisis. The crypto market capitalization is now at US$1.06 trillion, down nearly 67% from its highest, according to crypto tracker CoinMarketCap. Crypto had a bull run in 2020/2021, but the market has not maintained its pace as

March 16, 2023

Dutch researcher, Björn Ruytenberg of the Eindhoven University of Technology, demonstrated how hackers will be able to access personal information of millions of PC users using the Intel Thunderbolt port on Sunday, as reported by Wired.

He coined the term Thunderspy for this new security breach method.

According to his research, Thunderspy will target only those PCs that have been manufactured prior to 2019 and have a Thunderbolt port only.

Any hacker who gets brief physical access – even five minutes – to a computer can read and copy your data irrespective of whether it’s encrypted or not. Even top security measures won’t be able to stop this hands-on hacking.

The only tools that the hacker needs? Some time alone with the computer, portable hardware, and a screwdriver.

What makes it worse is that users won’t be able to find any proof of the attack. This is primarily because there is absolutely zero involvement on the user’s part.

Sadly, Ruytenberg has also confirmed that the vulnerabilities discovered in the Thunderbolt connection cannot be fixed in software and instead, a complete hardware redesign would be required.

The researcher has even published a video demonstrating how the attack would be performed.

The video starts by showing Ruytenberg removing the backplate of a password-protected Lenovo ThinkPad laptop, and attaching a small device to the inside. He then disables the security and gets instant access to the computer after restarting it – even after not knowing the password.

It takes him only five minutes to get access to confidential data on a laptop, which ideally he shouldn’t have been able to open.

Interestingly, Apple’s Macs have been offering Thunderbolt connectivity since 2011 as well.

MacOS systems will indeed be vulnerable to attacks, but researchers have said that it will only be “partially affected” by Thunderspy.

Luckily, Ruytenberg also offers safety advice to PC users.

He suggests disabling Thunderbolt ports on the computers in the machine’s BIOS followed by enabling the hard drive encryption. Ruytenberg also urged users to turn off the computer before leaving it unattended.

Furthermore, researchers have predicted vulnerability for USB 4 controllers and peripherals too, and suggest thorough testing for the same once they’re available.

Photo Credit: Przemyslaw Marczynski