Security bingo

Every Thunderstrike related story has some comments that always appear. If you want to play bingo in the comment section, here is what you can expect to find:

  • You can't write to ROM! It's "Read-Only"!

  • Macs don't get viruses!

  • It's not a virus/worm/trojan because it doesn't ...
  • BIOS != UEFI (or EFI != UEFI)
  • BIOS need to have write-protect switches!
  • No one uses Thunderbolt, so this doesn't matter!
  • Physical control == All security bets are off!
  • If they have physical control, they can just steal the laptop!
  • Since it needs root access I don't have to worry about it.
  • This is old news because Inception was fixed in ...
  • A low-level format will get rid of it!
  • Does this work with USB?
  • I use FileVault disk encryption, so I'm safe.
  • I have a firmware password, so I'm safe.
  • I never leave my laptop alone, so I'm safe.
  • I never run code as root, so I'm safe.
  • I run Linux, so I'm safe.
  • This is Intel's fault since they invented Thunderbolt.
  • This is Intel's fault since they wrote EFI.
  • Secure Boot solves this problem.
  • Why do these security people keep revealing bugs? Doesn't that just help the hackers?

Security 2015

Last update: November 8, 2020