Adding info about thunderbolt 3 security and security levels
Signed-off-by: Jason Barbier <jason@corrupted.io>
This commit is contained in:
parent
d6737c777e
commit
70d2bd5870
|
@ -1,6 +1,6 @@
|
||||||
# Linux workstation security checklist
|
# Linux workstation security checklist
|
||||||
|
|
||||||
Updated: 2017-12-15
|
Updated: 2019-08-22
|
||||||
|
|
||||||
*Status: CURRENT*
|
*Status: CURRENT*
|
||||||
|
|
||||||
|
@ -98,6 +98,10 @@ ExpressCard are guilty of the same, though some later implementations of
|
||||||
Thunderbolt attempt to limit the scope of memory access. It is best if the
|
Thunderbolt attempt to limit the scope of memory access. It is best if the
|
||||||
system you are getting has none of these ports, but it is not critical, as
|
system you are getting has none of these ports, but it is not critical, as
|
||||||
they usually can be turned off via UEFI or disabled in the kernel itself.
|
they usually can be turned off via UEFI or disabled in the kernel itself.
|
||||||
|
If you are getting a system that has Thunderbolt 3, it is best if you plan on
|
||||||
|
leaving it enabled to ensure that Thunderbolt security is enabled and if security
|
||||||
|
levels are supported it is set to User Authorzation. This will prevent Thunderbolt
|
||||||
|
devices from attaching to the system without the user's knowledge.
|
||||||
|
|
||||||
#### TPM Chip
|
#### TPM Chip
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue