Thunderclap: A Thunderbolt vulnerability to be aware of

If you don’t know where it’s been, don’t plug it in.

USB-C ports can be used to read your computer’s memory, execute commands, etc. This can be from devices that are also performing an innocuous task such as charging the laptop.


This is a reasonably big deal. There’s nothing new about Thunderbolt attacks of this kind, but they’re one of the main reasons that I shut my MacBooks down rather than put them to sleep when I’m transporting them.

This could be a big deal since so many of us use password managers and many of them have to decrypt to memory. It’s been found out that 1Password decrypts the entire vault and puts it all in memory which is a really big issue for this attack.