ASUS Unveils ThunderboltEX 3-TR Card for Intel Z490 and H470 Chipset Motherboards

[btarunr]

ASUS today unveiled the ThunderboltEX 3-TR its latest 2-port Thunderbolt 3 (40 Gbps) add-on card for ASUS Intel 400-series chipset motherboards that feature the TB3 header. The full height add-on card features a PCI-Express 3.0 x4 host interface, and puts out two Thunderbolt 3 ports in the type-C format. There are two mini-DisplayPort inputs so you can add DisplayPort passthrough from your graphics card for each of the two Thunderbolt ports. ASUS even includes a pair of short-length miniDP to standard DP cables. It also includes a USB 2.0 cable, and a cable for the TB3 header on your compatible ASUS motherboard. Under the hood is an Intel "Titan Ridge" JHL7540 2-port Thunderbolt 3 controller. The card requires a 6-pin PCIe power input. For now its compatibility list includes all Intel Z490 and H470 chipset motherboards by ASUS that feature the TB3 header.



View at TechPowerUp Main Site

 

[zlobby]

Is it affected by Thunderspy?

 

[Sihastru]

All Thunderbolt controllers are successible to a "Thuderspy" type of attack on Windows 10 up until 1909 (I couldn't find data on 2004, the May 2020 update) and certain Linux distributions. Fortunately this attack is highly targeted and requires physical access to the thunderbolt equipped workstation and also some way of accessing any device that you might plug into a port connected to the exploited controller. Unless you are in a scenario where this is not only possible but also highly probable, it shouldn't be too high up on the concerns list.

 

[zlobby]

All Thunderbolt controllers are successible to a "Thuderspy" type of attack on Windows 10 up until 1909 (I couldn't find data on 2004, the May 2020 update) and certain Linux distributions. Fortunately this attack is highly targeted and requires physical access to the thunderbolt equipped workstation and also some way of accessing any device that you might plug into a port connected to the exploited controller. Unless you are in a scenario where this is not only possible but also highly probable, it shouldn't be too high up on the concerns list.

Oh, you see, it's not the practical execution I'm worried about. It's the fact that intel (and many others) are so lazy when it comes to security.
Issues with Thunderbolt are so blatant that Thunderbolt should have stayed on some draft paper, had anyone with at least a common sense glanced at it. Meaning - intel didn't care either way.

 

[Sihastru]

Please don't block-quote the message directly above your message.

That being said, I disagree with you wholeheartedly. You should read the tech paper on "Thunderspy", the exploit literally requires that the attacker reflashes the Thunderbolt firmware using specialized hardware that amounts to about $600, not a large sum, but a hurdle for most, for sure. This new firmware literally disables most, if not all, security features implemented by Intel. After this step, the problem lies almost exclusively with the OS implementation of certain things.

This type of "exploit" is technically possible on most hardware devices that use firmware. The only way of circumventing it would probably be some kind of always on internet connected DRM. And that's a different kind of can of worms altogether. This type of "exploit" could make its way in the tech security news section only by ways of the bandwagon effect.

 

[Prima.Vera]

Honestly, this add-on card should be given for free to their Owners, especially those of the Z490 boards which are ridiculously priced this generation.