six colors

by Jason Snell & Dan Moren

Support this Site

Become a Six Colors member and get access to an exclusive weekly podcast, community, newsletter and more.

Linked by Dan Moren

Rich Mogull on the Thunderstrike 2 worm

From TidBITS:

No, nearly everyone can ignore Thunderstrike 2 entirely. The research really is excellent, compelling work that the Wired piece unfortunately turned into a bit a fright-fest. The Web attack vector, in particular, is blocked in OS X 10.10.4. The worm can’t automatically jump air gaps — those in sensitive environments can easily protect themselves by being careful where they source their Thunderbolt devices, and this entire family of firmware attacks is likely to become a lot more difficult as hardware improves, and as device manufacturers update their firmware code.

Upshot: This is security research—exactly what experts do to point out where security can be improved—not real live exploits that are attacking people. Rich is a friend and about the smartest guy I know in Mac security; if he says the Thunderstrike 2 worm isn’t a big deal for most folks, then it isn’t.