Skip to main content
  1. Home
  2. Computing
  3. News

Microsoft says Thunderbolt 3 is not safe for Surface products

Arif Bacchus
By

A new leak has provided some insight into why Microsoft’s Surface lineup doesn’t feature Thunderbolt 3 ports. The reasoning comes down to security concerns, according to an internal Surface engineering webinar posted by Walking Cat on Twitter.

Recommended Videos

Surfaces don't have Thunderbolt because its insecure ???? pic.twitter.com/lb7YYOOQ4Y

— WalkingCat (@h0x0d) April 25, 2020

Related

Per the employee speaking in the video, Microsoft’s Surface lineup doesn’t feature Intel’s Thunderbolt technology because “that’s indirect memory access.” The vulnerability to a direct memory access attack has always been present with Thunderbolt technology, but Microsoft remains the only manufacturer refusing to use it.

The employee also explains how someone with bad intentions and extensive hacking knowledge and the right tools can use the technology and port to access data stored on a device.

“If you have a well-prepared stick, you can put into the direct memory access port, then you can access the full device in memory and all data that are stored in memory. We don’t believe at this moment that Thunderbolt can deliver the security that is really needed from the devices,” says the employee.

The authenticity of the video is questionable, but The Verge reports that it was able to verify that is genuine. The Microsoft employee speaking in the video is apparently based in the Netherlands and has worked with the company for 10 years. Microsoft has not commented on the video yet.

Microsoft’s Surface devices are one of the only premium laptops and 2-in-1s to not include Thunderbolt 3. Other manufacturers like HP, Dell, Apple, and Lenovo have opted to include the port, which allows for fast data transfer rates, charging of smartphones, and support for external GPUs.

Despite the benefits, there are indeed risks. In 2019, security researchers disclosed a vulnerability similar to the one that Microsoft discussed in the leaked video. Microsoft, though, has a new feature called Kernel DMA Protection, built into the system and Windows 10 which can prevent this at certain levels. Apple also has a T2 security chip in its MacBooks and Mac devices which secures Touch ID Data, and storage and enables secure boot.

Other than Thunderbolt 3, the leaked video also discusses why Microsoft doesn’t allow users to upgrade the RAM in Surface devices. This is also apparently a security threat, according to Microsoft.

The video explains that with the right tools, someone with bad intentions can access data and contents of a device by “freezing the memory with liquid nitrogen, get the memory out, and then put it in a specific reader to access all data stored in the memory.” Of course, this is not easily done, but it does explain why users can’t upgrade their Surface devices.

Editors' Recommendations

Topics
Arif Bacchus
Arif Bacchus
Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Surface Laptop Go 3 vs. Surface Pro 7+: is it an upgrade?
Microsoft Surface Pro 7

The Surface Laptop Go 3 is Microsoft's new affordable Surface laptop, with upgraded hardware and long battery life making it a compelling option for budget laptop buyers in 2023. But for anyone considering an upgrade to a Surface device at around that $800 price, the Surface Pro 7+ still presents an attractive purchase, and it can flip into a tablet when you need it.

That brings to mind the age-old question, of whether newer is automatically better. In this case, it might not be. Let's take a look at the Surface Laptop Go 3 versus Surface Pro 7+, to find out.

Read more
Everything Microsoft didn’t announce at its 2023 Surface event
Microsoft showing off the new Surface laptop Go 3 at its September event.

Microsoft unveiled several new products during its 2023 Surface event. We got lots of updates about Windows Copilot and other AI-driven software upgrades, as well as plenty of hardware, including the Surface Laptop Studio 2 and the Surface Laptop Go 3.

While a lot of our early predictions came true during the Microsoft September event, there are still a few things that were noticeably missing from this year's lineup. Here's what Microsoft could have announced, but didn't.
Surface Pro 10

Read more
Should you buy the Surface Laptop Studio or wait for the Surface Laptop Studio 2?
The Surface Laptop Studio 2 on a white table.

Announced during the Microsoft September event, the Surface Laptop Studio 2 joins a growing family of Surface devices. Equipped with all the same flexibility we'd expect from the best 2-in-1 laptops, the Studio 2 may look very similar to the previous version, but it's a lot more different than it seems at a glance.

How does the new version compare to Microsoft's original Laptop Studio? Below, we'll take you on a deep dive into these two devices and help you make your pick if you're trying to choose between them. Make sure to read our Surface Laptop Studio 2 review, as well.
Pricing and availability

Read more