Reversible USB Type-C finally on its way, alongside USB 3.1’s 10Gbit performance

CES is as much a concept show as a practical demonstration of shipping hardware, and much of the focus tends to be on products that may not see the light of day for years, if ever. One of the more practical products shown off this year that we can be confident will be coming to market is the USB Type-C connector and the accompanying USB 3.1 standard.

The near-universal frustration over attempts to connect USB devices to computers has been a staple of nerd humor and lampooned in various ways until Intel finally found a way to take the joke quantum.

USB Type-C promises to solve this problem with a universal connector that’s also capable of twice the theoretical throughput of USB 3.0 and can provide far more power. Type-C connectors will not be the only type of connector that’s produced, but apparently hybrid cabling won’t be allowed. There will be USB 3.1 cables that are backwards compatible with existing USB 3.0 ports, but no Type-C adapters with conventional USB at one end and the new connector at the other.

Signal overhead is also expected to drop significantly, thanks to a switch to a 128-bit and 132-bit encoding scheme, similar to that used in PCI-Express 3.0.

Type-C, USB 3.1 not always hooked together

The Type-C plug can be used with previous standards of USB, which means manufacturers don’t automatically have to adopt expensive 3.0 hardware if they want to include it in mobile devices.

A USB Type-C port next to USB 3.0.

This is going to inevitably cause confusion. One reason the shift from USB 2.0 to 3.0 was relatively painless is because coloring both the cables and plugs bright blue made it impossible to mistake one type of port for the other.

The upside to decoupling USB 3.1 from USB Type-C, however, is that companies can deploy the technology on mobile phones and tablets without needing to opt for interfaces that inevitably consume more power. Then again, some might argue that this would be a moot point — the USB controller can be powered down when it isn’t active, and when it isactive, the device should be drawing power off the PC or charging port anyway. Heat dissipation could theoretically remain a concern — higher bandwidth inevitably means higher heat, and in devices built to 3-4W specifications, every tenth of a watt matters.

If I had to bet, I’d bet that the 100W power envelope on USB 3.1 will actually be of more practical value than the 10Gbps bandwidth capability. While it’s true that USB 3.1 will give external SSD enclosures more room to stretch their legs, the existing standard still allows conventional mechanical drives to run at full speed while SSDs can hit about 80% of peak performance for desktop workloads. It might not be quite as good, but it’s a far cry from the days when using USB 2.0 for an external hard drive was achingly slow compared to SATA.

The ability to provide 100W of power, as opposed to 10W, however, means that nearly every manufacturers could ditch clunky power bricks. There would still be concern about ensuring that connect points were sufficiently reinforced, but provided such concerns can be accounted for, the vast majority of laptops could switch over to the new standard. Hard drives and other external peripherals could all be powered by single wires, as could USB hubs for multiple devices.

The higher bandwidth is nice, and a major selling point, but the flippable connector and the power provisioning will likely make more difference in the day-to-day reality of life. As forcompetition with Intel’s Thunderbolt, USB 3.1 will continue to lag Intel’s high-speed standard, but as bandwidth rises this gap becomes increasingly academic. At this point, it’s the features USB doesn’t allow, like RAID and TRIM, that matter more than the raw bandwidth does in most cases.

There’s no word yet on when we’ll see motherboards and add-in cards shipping with USB 3.1 support, but current rumors point to late 2015 or early 2016. Type-C connectors could ship more quickly, since the cable standard is compatible with pre-existing USB chipsets.

Now read: USB Type-C cable will also support DisplayPort. Finally, one cable for every hole

+

GSM Controlled Robot using Microcontroller

GSM controlled robot or SMS controlled robot is a wireless robot which performs the necessary actions by receiving a set of instructions in the form a Short Message Service (SMS). In this project we can control the robot directions like forward, backward, left and right by sending SMS from the mobile. Earlier, we have already seen the working of a DTMF Controlled Robot without using Microcontroller.This project mainly consists of 2 sections, one is mobile unit and the other one is robot unit. The GSM modem which is fixed at the robot receives the messages sent by the mobile and gives the instructions to the microcontroller to control the robot directions. In this project, we interface 8051 microcontroller with GSM SIM 300. The protocol used for the communication between controller and GSM modem is UART (Universal Asynchronous Receiver-Transmitter). This system continuously checks for message to take the decision for controlling the robot.

GSM Controlled Robot Circuit Principle:

When we send the message from the mobile to the modem, GSM modem sends the below command serially to indicate that new message is received.

+CMTI: “SM”,3

In the above command number 3 indicates the location of the new message. Now we need to read this unread message to display it on LCD. The command to read the message from GSM modem is

at+cmgr=3

Here the number 3 indicates the location of the message to be read. After sending this command to GSM module, modem sends the below command serially.

+CMGR: “REC UNREAD”,”MD-WAYSMS”,,”13/05/20,15:31:48+34″
forward

In the above command “REC UNREAD” indicates that message is unread message, “MD-WAYSMS” indicates sender mobile number or name, 13/05/20 indicates the date, 15:31 indicates time and forward is the content of the message.

From the above command, we need to extract message (forward) sent by the user. Now compare this message with predefined strings (forward, backward, left, right), based on result control the robot.

GSM Controlled Robot Block Diagram:

GSM Controlled Robot – Block Diagram

GSM Controlled Robot using 8051 Microcontroller Circuit:

GSM Controlled Robot Circuit Diagram

Hardware Requirements:

• 8051 Microcontroller
• AT89C51 Programming board
• Programming cable
• 16*2 LCD
• MAX 232 level converter
• GSM sim 300 module
• L293D motor driver
• Robot
• 9V DC batteries – 2
• 5V power supply circuit
• 0.1uF ceramic capacitors – 4
• 33pF capacitors – 2
• 10uF electrolytic capacitor
• 12MHz crystal
• 10k (1/4 watt) resistor
•  Single pin connecting wires

Software Requirements:

• Kiel U vision
• Flash magic
• Proteus

  SMS Controlled Robot Circuit Design:

  The major components used in the above circuit are microcontroller, motor driver, level converter, GSM module and robot. Here at89c51 microcontroller is used and it requires a power supply of positive 5V DC. In order to provide regulated 5V DC voltage to the controller, use 7805 power supply circuit. Here two 9V batteries are used, one is for giving the supply to the circuit and other is to run the DC motors.
  In the above circuit, 16 x 2 LCD is connected to the PORT1 of the microcontroller in 4 bit mode. LCD data lines D4, D5, D6 and D7 are connected to P1.4, P1.5, P1.6 and P1.7 respectively and control pins are connected to P1.0, P1.1 and P1.2. Here it used to indicate the received message.
   GSM modem Tx and Rx pins are connected to the 13 and 14 pins of max232. Microcontroller TXD and RXD pins are connected to the 11 and 12 pins of level converter. Here max232 is a mediator between controller and GSM module and it is used to convert the voltage levels. To know more details about max232 refer Max232 Datasheet.
  GSM module requires 5V power supply. In order to communicate with this GSM we need to send AT commands using serial communication (UART protocol). Use a baud rate of 9600 to communicate with GSM.
  P2.0, P2.1, P2.2 and P2.3 pins of controller are connected to the l293d input pins and these pins are used to control the two DC motors. The operating voltage of this IC is 5V. Using this IC we can operate the 2 DC motors with a voltage ranging from 4.5 to 36V. We need to apply the motors supply at 8^th pin of l293d. To know more about motor driver IC refer L293D Datasheet.

  GSM Controlled Robot Circuit Working Algorithm:

  1. Initialize the LCD and UART protocol
  2. Continuously check for the command +CMTI: “SM”,3 (Location number) to know weather new message is received or not
  3. If you receive the command then store message location number.
  4. Now read that particular message and extract the body of the message
  5. Display the extracted content on LCD and compare this content with predefined strings.
  6. If matched then perform the necessary action on robot.
  Use below code to read a new message from the GSM modem.
  while (rx_data() ! = 0x0d);
  while (rx_data() ! = 0x0a);
  if (rx_data() == ‘+’)
  {
  if (rx_data() == ‘C’)
  {
  if (rx_data() == ‘M’)
  {
  if (rx_data() == ‘T’)
  {
  if (rx_data()==’I’)
  {
  while (rx_data() != ‘,’);
  a = rx_data ();
  delay_ms (10);
  tx_string (“at”);
  tx_data (0x0d);
  tx_data (0x0a);
  tx_string (“at + cmgf =1″);
  tx_data (0x0d);
  tx_data (0x0a);
  tx_string (“at + cmgr =”);
  tx_data (a);
  tx_data (0x0d);
  tx_data (0x0a);
  while (rx_data() ! = 0x0a);
  while (rx_data() != 0x0a);
  while (rx_data() ! = 0x0a);
  for (i=0; i<15; i++)
  {
  read [i]= rx_data();
  }
  lcd_stringxy(1,0,read);
  delay_ms (5000);
  }
  }
  }
  }
  }

  How to Operate GSM Mobile Controlled Robot?

  1. Write the program to the GSM controlled robot project using keil software
  2. Now burn the program to the microcontroller with the help of flash magic.
  3. Give the connections as per the circuit diagram.
  4. Use power supply circuit to provide 5V DC to the microcontroller
  5. Insert the SIM (Subscriber Identity Module) to the GSM module.
  6.  Now switch on the supply
  7. Send SMS to the GSM module using other mobile
  8. Now you can see the same message on LCD.
  9.  If the received message match with any predefined string then robot moves accordingly

     GSM Controlled Robot Circuit Applications:

     • This project is used in robotic applications
     • Used in military applications.

     Limitations of the Circuit:

     • Robot section must have the network to receive the commands wirelessly.
     • As there is no password any one can operate the robot by sending message.

+

Android 5.0.2 factory images available for Nexus 10 and 7 2013

Android Lollipop has been a reality for quite some time now, but the massive OS overhaul is undoubtedly a huge venture and there is still a lot of work to be done to get a final polished product.

Even though there are AOSP builds for pretty much all current Nexus devices it comes as no surprise that not only outside manufacturers are still knee deep in integrating Lollipop into their device lineup, but Google itself is also hard at work polishing rough-edges on its own standardized hardware.

Today an Android 5.0.2 build war released on the Google Developers website for both the Nexus 10 and Nexus 7 WiFi - 2013 model tablets. This is a minor version update and it is primarily intended to patch a couple of minor bugs on the aforementioned devices.

According to the changelog the build addresses issues with storage and alarm problems. A build with the same version number first saw the light of day late last month for the Nexus 7 2012 tablet. It patched the very same issues and presumably that device was the first to experience them.

Google has not released the minor 5.0.2 update for Nexus 6, Nexus 5 and Nexus 9 yet, but that is only natural if said devices do not require the specific bug fixes. An OTA is not planned for the new build as of now, so nexus 10 and 7 WiFi 2013 owners can head on to the developer page and follow the manual update instructions.

+

Android 5.0 Lollipop update for the LG G2 is live in South Korea

The Android 5.0 Lollipop update for the LG G2 looks to be happening right now for some users in South Korea. According to LG Phone Firmware, which tracks the company's progress on updating its smartphones, the Lollipop update for the phone is seeding right now for LG G2 units working on SK Telecom and LG U+ netoworks.

The update is marked under the version V30D, with the "3" indicates the Android version. V20A is a KitKat build, while the V20D is the build that brought Knock Code to the G2. In fact, you can go ahead and download the update yourself, but always be prepared to revert back to your stock build. In any case, this shows that LG will soon be releasing the update internationally as well.

A recent video of the LG G2 running Android Lollipop appeared and there you can see what the update looks like.

+

Samsung Galaxy Core Prime review: Core values

Introduction

The Galaxy Core lineup represents Samsung's take on the essential smartphone. The Galaxy Core Prime updates the base formula in two areas - a slightly better camera and slightly better chipset - and it serves as a smaller alternative to Galaxy Grand Prime.

  
Samsung Galaxy Core Prime official photos

The Core Prime was announced mere months after Galaxy Core II (not to mention Core LTE, Core Lite LTE and several others), but brings definite improvements over all members of the family, even if most specs are shared among the Cores.

For one, the 64-bit capable Snapdragon 410 is definitely a first. The 5MP/720p camera has been done on other Cores, but it is still the best in the lineup. The front-facing camera is the best one yet - a 2MP/480p shooter - that goes over the low bar of having no selfie camera at all or a 1MP one. It defiantly lacks the ambition of the Galaxy Grand Prime's selfie camera but it's also not very ambition when it comes to pricing so it all sounds fair.

Key features

• Optional Dual SIM version available
• 4.5" 480 x 800 TFT display with 207ppi
• Android OS v4.4 KitKat with TouchWiz UI
• Quad-core 1.2 GHz Cortex-A53 processor, Adreno 306 GPU, 1GB of RAM, Snapdragon 410 chipset
• 8GB built-in storage, microSD card slot
• 5MP camera with LED flash, 720p video recording; 2MP front-facing camera
• Cat. 4 LTE (150/50Mbps); Wi-Fi b/g/n; Bluetooth 4.0; NFC; GPS; microUSB, FM radio
• 2,000mAh battery

Main disadvantages

• Screen ppi is entry-level
• No screen protection glass
• No automatic brightness sensor

Coming off our Galaxy Grand Prime review, we know that a lot of the 64-bit benefits hang on an Android 5.0 Lollipop update. Considering the Core Prime was announced only recently, the prognosis on an update is good, but nothing is guaranteed.

The camera department is a definite update over the Galaxy Core II, where the 5MP snapper only recorded 480p video and there was a 480p front-facing camera. Three other Core models (Plus, LTE and Lite LTE) also shoot 720p video, but they all lack the Core Prime high quality selfie snapper.

   
Samsung Galaxy Core Prime at the office

Speaking of the Grand, in its review we discussed the recent popularity of large screens with low resolution. While in terms of pixel density the Galaxy Core Prime is in the same range, its entry-level position makes us more willing to forgive the sub-HD resolution and the lack of an IPS screen matrix.

True to its position in the market, the phone has a dual-SIM flavor. One version, the G360F, even reaches above its station with 4G LTE connectivity, but that's exclusive to China and Taiwan.

+

Apple Watch companion app for iPhone gets detailed

Details on the upcoming Apple Watch companion app for iPhone made the rounds online. Still in the works, the application allows users to manage the settings of their wearable device from their smartphone.

The iOS app reveals a number of Apple Watch features and settings that will be available to the user. They range from customization options, through clock functionality and notifications, all the way to accessibility and motion settings.

Customization will unsurprisingly be a major staple of the Apple Watch. Users will be able to arrange the apps in the smooth-scrolling cluster to their liking.

Clock functionality will include a face feature dubbed Monogram. The latter will allow users to put their initials on the face of their Apple Watch.

Handling of messaging functions will take place via voice transcribing or actual audio. Users will be able to disable the read receipts on the Apple Watch in the same way as they do on their Mac, iPad, or iPhone.

Maps functionality on the Apple Watch will utilize the Taptic Engine, which will signal when it is time for a user to make a turn. The feature will can be disabled if desired.

Accessibility options on the Apple Watch will be extensive just like on the rest of the company’s products. The same goes for the activity and motion settings.

Finally, the ‘about’ screen of the companion app will provide vital information about the Apple Watch such as storage capacity, the amount of multimedia files stored on it, as well as its serial number and the number of apps it contains.

Apple Watch is expected to hit the shelves at some point in March this year. As expected, the entire industry is on the lookout about the functionality the device will deliver.

+

All iPhone 6 and 6 Plus models are now in stock at Apple

                                                       It finally looks like Apple was able to sort out its production issues for the iPhone 6 and iPhone 6 Plus. Ever since their release last year, certain variations of the two models have been intermittently unavailable in the company's online store, almost certainly due to supply chain woes.

Not anymore, though. For the first time all of the iPhone 6 and iPhone 6 Plus models are showing as being either in stock or shipping within one business day. And the latter applies only to the unlocked units, which Apple began selling directly not long ago.

If you go for carrier variations, though, you're all set to receive your brand new toy as fast as possible. No matter what you choose, an iPhone 6 or 6 Plus, whether you go for 16, 64, or 128GB of storage, and regardless of your carrier choice (be it AT&T, Verizon, Sprint, or T-Mobile), every single one of these phones is currently in stock. Hopefully this situation will last, and it will soon extend to the unlocked models.

As always, if you go the carrier route you need to shell out $199 for a 16GB iPhone 6, and then add $100 more for each capacity bump. The bigger iPhone 6 Plus starts at $299 with 16GB of storage, and it too goes up in $100 increments. In unlocked form the iPhone 6 starts at $649 and goes all the way up to $849, while the iPhone 6 Plus is priced between $749 and $949.

+

Google Fiber, Utility Poles & The FCC

If the FCC gives Google access to public telecom infrastructure for deploying Google Fiber, it could open the door for many broadband providers.

One of the advantages for big telecom providers that want to deploy new lines to reach customers is the ability to tap into public infrastructure, such as utility poles and ducts. These physical resources are something that carriers such as AT&T, Verizon, and Comcast are reluctant to share, especially with Internet companies. But Google is fighting hard to get access in order to reduce the cost of deploying its popular Google Fiber service.

That's why Google is asking the Federal Communications Commission, which is currently considering treating Google Fiber as a telecommunication service, to give the service the same access that other telecom providers have to public infrastructure. This could save the company up to 90% of the cost of wiring homes.

If Google and other fiber providers are given pole access, it could be the beginning of a race
to deploy fiber-to-the-home (FTTH) to many cities and towns, where the cost of digging trenches has deterred many initiatives and protected the monopolies of the entrenched telecom providers.

Current regulations in the US require companies with utility poles in public rights of way to provide access to certified telecommunications providers. In many cities and towns, both public entities such as city governments as well as the incumbent telephone company have deployed infrastructure to reach every home. 

In Europe, where population density in cities is much higher, most of the telecommunications infrastructure runs underground, and cities have invested heavily in deploying dark fiber, which usually runs in the sewer network. When a telecom provider wants to deploy fiber in a building, it taps into the city’s existing fiber network and leases a point-to-point connection to its own data center. That makes deploying FTTH solutions much cheaper. But in the US, cities are generally less dense, and deploying underground fiber to all residential areas represents a huge investment.

The FCC wants to classify services such as Google Fiber as telecommunication services under Title II of the Communications Act of 1934. One reason the FCC is moving to reclassify fiber and cable broadband services, including the ones offered by telecom providers, is its push to regulate Net neutrality. Advocates for Net neutrality believe that Title II classification would allow the FCC to protect Internet services by regulating against paid prioritization. 

Specifically, FCC the regulation mandates that it "shall be unlawful for any common carrier to make any unjust or unreasonable discrimination in charges, practices, classifications, regulations, facilities, or services for or in connection with like communication service, directly or indirectly, by any means or device, or to make or give any undue or unreasonable preference or advantage to any particular person, class of persons, or locality, or to subject any particular person, class of persons, or locality to any undue or unreasonable prejudice or disadvantage." 

Also, Title II classification would require providers to obtain FCC authorization for raising prices, changing the service, or any other conditions on customer agreements. 

Until now, Internet broadband services were basically excluded from FCC oversight since they were not considered basic telecommunication services under Title II. If the FCC is successful in reclassifying those services, it could add an important layer of regulation and scrutiny to complex Internet broadband offerings. 

Google has deployed its fiber service in a few cities, with high acceptance by consumers. But it is very expensive for the company to reach many areas because of the costs of digging trenches to deploy the fiber lines.

A year ago, the city of Austin, Texas, wanted to change regulations in order to allow Google to access all utility poles, both those owned by the city and by AT&T. "It’s about speed. Obviously being able to attach to existing utility poles makes building fiber and bringing it to Austin residents much faster,” Google spokeswoman Jenna Wandres told the Austin American-Statesman.

AT&T, the incumbent provider of telecom services to the city, fought the move, claiming that Google is not a telecom provider. “Google has the right to attach to our poles, under federal law, as long as it qualifies as a telecom or cable provider, as they themselves acknowledge," AT&T Public Affairs VP Tracy King told the Austin newspaper. "We will work with Google when they become qualified, as we do with all such qualified providers."

Now, the FCC has the opportunity to change all that, and open the gates for many small and big suppliers to compete in an area where the telecom giants face very little competition

+

How To SIM Unlock iPhone On iOS 8 – 8.1 (Guide)

Unlocking iPhone is very popular, but it sometimes becomes hard to unlock an iPhone when you don’t really know how to. Well if you want to SIM unlock iPhone running on iOS 8 and above, you have come to the right place. Here is the guide on how to SIM unlock iPhone on iOS 8 – 8.1.

SIM Unlock iPhone Guide

This post will tell you on how to unlock an iPhone running iOS 8 – 8.1 using the SIM unlockmethod. Do note that this is different from the factory unlocking as you will need the R-SIM constantly.

Before I begin the guide on unlocking iPhone on iOS 8+ using R-SIM, you need to know a few things. Therefore, check out the important notes below before attempting the guide.

Notes:

• This method uses an R-SIM. You will need to purchase an R-SIM otherwise it won’t work.

• You can use other SIM’s to unlock iPhone but so far only R-SIM has been known to unlock.

• You can unlock iPhone on any versions from iOS 8 – 8.1.2.

• This works on all versions of iPhone from 4S and above.

• You will need 3G compatible SIM only as 4G currently does not work while using an R-SIM.

iPhone’s which can be unlocked:

• iPhone 4S.

• iPhone 5.

• iPhone 5c.

• iPhone 5S.

• iPhone 6.

• iPhone 6 Plus.

Let’s begin the guide on unlocking iPhone using R-SIM method.

Step 1: Take out your SIM card placeholder.

Step 2: Put R-SIM in it and on top of that put your regular SIM card.

Step 3: You will be presented with an options menu.

Step 4: Select your iPhone from here. If you have an iPhone 5 tap on the “mode2 for iOS6 i5″. It depends on which R-SIM you have. This option might be different for you.

Step 5: Now select your network from the given menu. An example can be “U.S. AT&T”.

Step 6: Tap on “Accept”.

Step 8: Restart your iPhone.

If you have taken the above steps correctly, your iPhone should be unlocked on any version of iOS 8.

Here is the video of an R-SIM unlocking an iPhone

https://www.youtube.com/watch?v=oesMd_ovz-M

That’s a pretty easy way to unlock an iPhone running iOS 8 and above.

If you have an iPhone 6 or iPhone 6 Plus, and are compatible with the requirements, you canunlock your iPhone for free and that too a factory unlock method. To do that, just head over to the link below.

+

Stunning 12-inch Macbook Air Concept Pictures

Apple this year is finally going to introduce a new Macbook in the already packed Macbook lineup. The 12-inch Macbook is going to be completely redesigned and an upgrade to the current Macbook Air lineup – something which was needed for quite sometime now.

The new 12-inch Macbook Air is expected to feature a complete new design and be incredibly thin – something which Apple has been aiming for a very long time.

The new Macbook Air is going to do away with all the ports that are currently available on aMacbook Air, instead, it will feature a new USB Type-C port, which will be used for charging as well as connecting any other external device.

Well, Martin Hajek, a popular concept artists has taken yesterday’s report and turned it into a piece of art. These new concept pictures of the 12-inch Macbook Air show various colors and are absolutely stunning. Check it out!

As you can see from the pictures above, the new 12-inch Macbook Air looks stunning.

Although these might just be concept pictures and are not confirmed to be the real deal, but the new Macbook Air which will come out later this year, will look quite similar to these.

+

New Apple malware is undetectable, unstoppable, and can infect any Thunderbolt-equipped device

Apple products have long enjoyed a reputation for superior security in relation to Windows systems, but a new proof-of-concept malware delivery method could put a serious dent in that reputation. The exploit, dubbed Thunderstrike, currently can’t be detected or removed by any known process without using specialized hardware. Security researcher Trammell Hudson has demonstrated how to use a Thunderbolt peripheral to load what he’s calling a “bootkit” via the device’s Option ROM.

Option ROMs are optional or peripheral-specific blocks of memory that were first deployed in the 1980s as a way of storing critical programs or retrieving peripheral-specific blocks of memory. They’re initialized early in the boot process and often “hook” to the BIOS to provide a bootable device or network boot. Thunderbolt devices contain their own Option ROMs, and Apple hardware checks these areas as part of its boot sequence.

The exploit package is injected from the infected Thunderbolt device’s Option ROM directly into the system’s extensible firmware interface (EFI). Official documentation on the EFI/UEFI standard, shown below, seems to imply that this is impossible, since the firmware is supposed to be locked by default:

In theory, EFI mechanisms prevent this attack.

Unfortunately, it isn’t. Hudson’s research and testing indicates that the Option ROMs areloaded during the recovery mode boot process. The one snag, at this point, is that Apple still checks the signature of the EFI file itself. Change the file size or contents, and it fails the check — or it would, if the research team hadn’t devised a method of replacing Apple’s stored public RSA key with a key under their own control.

Once this step is taken, there’s no going back. Without a proper RSA authentication key, it’s impossible for the end user to update the device’s firmware with a standard Apple image. All attempts to do so will fail authentication. With such basic access to the system, there’s very little an attacker can’t do. The entire system can be monitored, keystrokes logged, website visits tracked, password data recorded. The bootkit can also be passed to otherThunderbolt devices if they’re connected to a compromised machine.

Are “evil maid” attacks a valid vector?

The one slice of good news in this issue is that the attack does require at least a brief window of physical access to the system. In most cases, that kind of requirement confines most attacks to strictly theoretical exercises, but Thunderstrike is somewhat different. First, the attack is fast. The attacker doesn’t need to sit down at the PC for several minutes, or even enter data. Surreptitiously plug in a Thunderbolt device, hold down the power button for several seconds, and boom — the attack can execute and self-install in a scant number of minutes. Depending on how sneaky the execution is, a casual observer might see nothing but a longer-than-normal boot cycle.

The standard model for physical-access attacks relies on the idea of the evil maid — someone who can access a system while it’s stored in a hotel room or locked in a safe, but I daresay the speed and subtlety of this hack make it a larger threat. If you’ve ever attended a business conference or tech event, it’s not exactly rare for people to have laptops out but not strictly attended to, or to leave a system sit for a few minutes while they use the restroom or grab a soda.

Third, and most chillingly, we now know that government agencies actively engage in the kind of targeted intercept that makes an attack like this work. One of the reports leaked by Edward Snowden detailed how the NSA will intercept hardware en route from manufacturers like Dell and HP, modify it with rootkits and spyware before it reaches its destination, then repackage the equipment and ship it on its way. While there’s no way of knowing just how widespread such tactics are, we know it happens — exploits like Thunderstrike are likely worth their weight in gold to the various national intelligence agencies of the world.

Apple is preparing a firmware patch that will at least refuse to load Option ROMs during firmware updates, but it leaves open a different security exploit first detected in 2012. The timeline for a complete fix is unknown.

+