A leaked video of a Surface engineering webinar has confirmed that Microsoft thinks the Thunderbolt standard is too insecure to currently include on its Surface devices
Surfaces don’t have Thunderbolt because its insecure ? pic.twitter.com/lb7YYOOQ4Y
— WalkingCat (@h0x0d)
April 25, 2020
The video is just over two minutes, but the crux of Microsoft’s reasoning is explained in the video by an unnamed employee who is a “Surface technology specialist based in the Netherlands that has worked at the company for more than 10 years”. He says:
“No Surface device has Thunderbolt. Why not? Because that’s a direct memory access port. If you have a well prepared stick that you can put into the direct memory access port, then you can access the full device in memory and all data that’s stored in memory. We don’t believe, at this moment, that Thunderbolt can deliver the security that’s really needed from the devices.
“If you’d be able to upgrade the memory… what you can easily do is freeze the memory with liquid nitrogen, get the memory out, and then put it in a specific reader… and then you can access all the data that was loaded into memory. That’s why on all Surface devices the memory is not physically upgradeable, because of security. We want to make sure the memory cannot be tampered with.”
While it might a technologically correct reasoning, the inclusion of freezing the memory with nitrogen seems fairly outlandish and could come into some criticism. Rival PC manufacturers have used Thunderbolt 3 in their USB-C ports for several years.
Apple’s MacBooks also use the Thunderbolt port extensively for external display support and data transfer. Microsoft instead insists on using its proprietary Surface Connector for many output features, though some of its Surfaces have regular USB-A and C ports too.