That isn't entirely accurate. The ability to clone a given device state gives access to any system which has authorized that cloned device. A borrowed thunderbolt device which is not the target machine may also be used to bypass security levels as a result. No need to open the laptop in that case. See section 3.1.1 and 3.1.3 in the report.
No comments yet.