Thunderstrike allows a malicious actor to replace the firmware in Macs with something much more nefarious. The firmware controls extremely low-level functions of the computer, everything that happens from the moment the power button is pressed.
Thunderstrike allows someone to use a Thunderbolt device, perhaps something as simple as a Thunderbolt-to-HDMI dongle, to reboot the computer and replace its firmware with custom designed backdoors. It could, in theory, completely bypass any existing protections on the computer. It would also survive reformatting of the hard drive and reinstallation of the OS X operating system, because it would be installed at the very lowest levels of the computer.
It only requires brief physical access to the machine, say from someone posing as a hotel maid or a customs agent inspecting a computer at a border crossing, to plug in the compromised Thunderbolt attachment and restart the computer.
Apple has already rolled out temporary fixes to the Retina 5K iMac and new Mac Mini, which was introduced in 2014. A more permanent solution is coming in OS X Yosemite 10.10.2.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now