Pixel Envy

Written by Nick Heer.

Reporters Vulnerable to Misreporting Macintosh Security Problems

Bad reporting on the state of Macintosh security is nothing new, and ZDNet’s Adrian Kingsley-Hughes adds another one to the stack. I missed this one when it was written a couple of weeks ago, but I thought I’d make up for some lost time today:

Macs vulnerable to virtually undetectable virus that “can’t be removed”

That headline can be broken into three distinct parts:

  1. Is the malware “undetectable”, or virtually so?
  2. Is it a “virus”?
  3. Is it, in fact, impossible to remove?

Let’s start with the first claim in the headline: Thunderstrike is “virtually undetectable”. Kingsley-Hughes reports it so:

“Since it is the first OS X firmware bootkit, there is nothing currently scanning for its presence. It controls the system from the very first instruction, which allows it to log keystrokes, including disk encryption keys, place backdoors into the OS X kernel and bypass firmware passwords,” Hudson said.

Well, when I say “reports”, Kingsley-Hughes basically dumps bits of Trammel Hudson’s original post into the ZDNet CMS, adds a few summarizing phrases, and dusts his hands before hitting the “Publish” button. But I digress.

Kingsley-Hughes’ selected quote, however, clearly states that nothing is currently detecting this malware; that doesn’t mean that nothing could. In Hudson’s original post, he clearly says that the boot ROM — where this attack lives on the system — is being verified at boot in software. It’s entirely possible that its contents could be dumped and checked against a known safe version during a reboot.

Hudson suggests basically that for Option ROM, which is loaded when a PCIe Thunderbolt device is mounted:

If they really need to support Option ROMs on Thunderbolt, Apple could implement the EFI architecture specific security protocol to enforce driver signing — PCIe OptionROMs can be signed and checked before they are executed.

In fact, even in Hudson’s worst-case scenario, the boot ROM could hypothetically be verified in this fashion:

It could also be very stealthy and hide in system management mode, through virtualization or possibly in the Management Engine (although there is lots of work to be done there).

In theory, the user downloads a firmware update from the App Store and is prompted to restart their Mac. They do, the firmware is checked, and, if it fails, they’re prompted to visit a retail store to have it fixed.

So, no, it’s not “virtually undetectable”. Like any security gap, it takes time for it to be detectable.

Next claim: it’s a “virus”.

Not exactly, no, and certainly not in its current form:

Hudson discovered that he could use a modified Apple gigabit Ethernet Thunderbolt adapter to carry out the attack.

It spreads through hardware-to-hardware contact, not over the air. If Kingsley-Hughes were a health reporter, he’d probably say that gonorrhoea can be spread by sneezing or something.

I get that the term “virus” gets tossed around in mainstream publications the way everyone calls any tablet an iPad, but ZDNet is an industry-targeted site, and not really for general audiences. Using the term “malware” would be more correct.

Finally, is it true that it “can’t be removed”? Well, that’s a little hard to know, as Hudson, to my knowledge, didn’t actually attempt a removal, only stating that:

Since the public RSA key in the boot ROM is now one that we control, only updates that are signed by our private key can be used to update the firmware.

So, hypothetically, it wouldn’t be possible to update the firmware through software if the system were infected. A thorough software fix comes as part of OS X 10.10.2, and a hardware fix for infected computers — currently estimated at zero — would still be possible, though Kingsley-Hughes reports it in typically doomsday terms:

Fortunately, Hudson reports that Apple is working on an update that will prevent malicious code from being written to the Boot ROM via the Thunderbolt port. However, this update would not protect the system from having the Boot ROM tampered with directly.

If you have direct access to the boot ROM chip, you have direct access to everything. It’s a bit like pointing out the flaws of having locks on the doors of your house because you still have a wall that, when combined with a chainsaw, can be entered through.

However, if someone could rewrite the public RSA key on the chip, surely Apple could write it back, even if it requires in-store service.

There’s no doubt that Thunderstrike exposed a pretty serious vulnerability in the security of the Thunderbolt port. But Apple is rolling out a very thorough fix in 10.10.2 that even prevents an attacker from undoing the patches. This is clearly not being ignored, but hyperbolic and incendiary reporting doesn’t help anyone.

Update: Small revision to clarify the difference between Option ROM and boot ROM.