How to Check If Your Thunderbolt Ports Can Be Jailbroken

If you have a computer with Thunderbolt ports, you may encounter a severe firmware error known as Thunderspy. The vulnerability, discovered by security researcher Björn Ruytenberg , affects all Thunderbolt ports and USB-C or DisplayPorts that support Thunderbolt cables. This gives the hacker full access to everything on your computer, even if it is stored on encrypted hardware. Not only can someone steal all of your data in a matter of minutes – the Thunderspy attack performed is also untraceable. You don’t even know that the hack has occurred.

This is a serious vulnerability, but it can only be exploited if an attacker has physical access to your machine and enough time to open it and launch an attack. While it may sound daunting, Ruytenberg and others have detailed nine real-world scenarios in which a hacker can easily carry out a Thunderspy attack in less than 5 minutes, including the “evil maid” method in which someone breaks into a hotel. room and uses Thunderspy while the owner of the computer is elsewhere.

However, some hardware is protected from Thunderspy.

MacOS computers are safe if they don’t have Windows or Linux installed via Bootcamp, as are Windows PCs that lack Thunderbolt support. There is also a small selection of the latest computers that feature a special security system from Intel known as Kernel Direct Memory Access Protection (Kernel DMA), which prevents Thunderspy attacks. You can read more about Kernel DMA here .

Unfortunately, Kernel DMA was only introduced in 2019, which means most computers with Thunderbolt-compatible USB and DisplayPort connectors are at risk.

Worried users can check if their machine is vulnerable with a free open source diagnostic app that can tell you immediately if you are at risk.

How to install and use Spycheck

  1. Download Spycheck here (available for Windows and Linux).
  2. Unzip the file.
  3. Find and run the “Spycheck” application in the unzipped folder.
  4. Select your language (English by default), then click Next.
  5. Click “Accept” to accept the Spycheck license agreement.
  6. Select your PC’s port configuration from the options listed. Click “Next” to start the test.
  7. The next screen displays the test results.
  8. Click “Exit” to close the application.

If Spycheck reports that you are at risk, you need to make sure your equipment is safe – both digitally and physically.

While it is unlikely that average users will be directly targeted, you should still practice data security in public places. Many of them are pretty simple:

  • Keep track of your belongings and never leave them unattended.
  • Never let strangers use your devices.
  • If you’ve decided to let someone you trust borrow your devices for a short while, be sure to create a guest profile to use in place of your main account.
  • Finally, if you are giving away or selling your old hardware, make sure you erase all data stored on it by performing a factory reset.


Leave a Reply

Your email address will not be published. Required fields are marked *