
Microsoft Surface Devices Skip Thunderbolt Ports for Security

A Microsoft Pro 7 with a red keyboard cover.
Microsoft

File this under news that makes you go, “Huh.” In a leaked presentation, a Microsoft employee explained why Surface devices don’t have Thunderbolt ports: security. According to the engineer, Thunderbolt connections are just too insecure. For that matter, Surface devices also use soldered RAM in the name of safety.

WalkingCat, a prolific Microsoft leakster on Twitter, leaked a portion of the video in question. In the presentation, which The Verge confirmed as genuine, the engineer explained the problem with Thunderbolt.

https://twitter.com/h0x0d/status/1253917701719769088?s=20

Thunderbolt, unlike USB-C or other similar ports, is a direct memory access port. That’s necessary for transferring data at high speeds. It’s not necessarily unique to Thunderbolt; PCI-Express is also a direct memory access port, for instance.

But Thunderbolt ports are far more accessible than PCI-Express. An attacker could set up a USB drive to take advantage of that fact, in what is dubbed a Direct Memory Attack. Usually, the hacker would use social engineering techniques (free USB stick! with a free video game!) to trick the victim into plugging it into the device.

Once connected, the Direct Memory Attack lets the hacker bypass security on the device entirely. And they’d have access to everything in memory, including any data on hand. That’s a pretty scary prospect.

Along similar lines, the engineer claims that Microsoft chooses to solder RAM to Surface devices for security. With removable RAM, a bad actor could freeze it with nitrogen, remove it, then access the contents (including BitLocker keys) with an easily obtainable reader.

While the Thunderbolt reasoning sounds plausible, the RAM reasoning isn’t as convincing. It seems the more likely driving factor is that soldering RAM helps a manufacturer create thinner devices—a selling factor in tablets and laptops.

And as The Verge points out, Microsoft built kernel-level protection for Thunderbolt 3 into Windows 10. It’s worth noting that the Surface Connector, Microsoft’s proprietary port, supports data transfers, power delivery, and video on a single magnetically attached cable. But it doesn’t support Thunderbolt.

via The Verge

Josh Hendrickson