Microsoft might have been right to skip Thunderbolt 3 (again) on the new Surface Book 3

The Surface Book 3 forgoes Thunderbolt 3, making less likely to get hacked as a result it would appear. (Source: Microsoft)
The Surface Book 3 forgoes Thunderbolt 3, making less likely to get hacked as a result it would appear. (Source: Microsoft)
Microsoft has been copping it for bypassing Intel’s Thunderbolt ultra-high-speed I/O once again on the new Surface Book 3. However, it appears that its recently revealed security concerns about the technology and how it interfaces with Windows may appear to vindicate its decision.
Sanjiv Sathiah,

Just ahead of Microsoft’s Surface Book 3 launch, a leaked video presentation for the Surface 3 laptop shows a company exec reveal that its reason for avoiding Thunderbolt 3 has been because of security concerns. Specifically, Thunderbolt 3 grants direct access to system memory and this is something Microsoft has wanted to avoid. Naturally, this raised alarm bells for the impending launch of the Surface Book 3 which was then on the immediate horizon.

Sure enough, when the Surface Book 3 was unveiled it last week, it once again omitted a Thunderbolt 3 port to the dismay of many Windows fans. After all, Thunderbolt 3 offers a theoretical maximum throughput of 40 Gbps which offers the ability to access the fastest external storage drives and external GPU enclosures among other benefits. It is also a standard feature on many similar high-end notebooks, so what gives?

Now a new piece of research from security specialist Björn Ruytenberg has revealed that any Windows or Linux PC made before 2019 is vulnerable to the “evil maid” hack that he is calling “Thunderspy”. It requires gear worth around US$400 but it can bypass the login screen of a sleeping or locked computer and access all the data on its drive -- even if it is encrypted. The exploit won’t work in macOS but will on a Mac running Windows in Boot Camp.

The solution:

If you intend to use Thunderbolt connectivity, we strongly recommend to: Connect only your own Thunderbolt peripherals; never lend them to anybody; avoid leaving your system unattended while powered on, even when screenlocked; avoid leaving your Thunderbolt peripherals unattended; ensure appropriate physical security when storing your system and any Thunderbolt devices, including Thunderbolt-powered displays; consider using hibernation (Suspend-to-Disk) or powering off the system completely. Specifically, avoid using sleep mode (Suspend-to-RAM).

Wired, in breaking the story, noted that Intel’s new Kernel DMA Protection feature [built following advice of the hack three months ago] needs to be enabled to protect against the attack. However, the response from OEMs varied as to whether is enabled by default on their machines. Even then, Ruytenberg advised that Intel will need to make yet another silicon level fix to completely eliminate the attack. Intel’s response to Wired reads: "For all systems, we recommend following standard security practices, including the use of only trusted peripherals and preventing unauthorized physical access to computers."



Read all 14 comments / answer
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2020 05 > Microsoft might have been right to skip Thunderbolt 3 (again) on the new Surface Book 3
Sanjiv Sathiah, 2020-05-11 (Update: 2020-05-11)
Sanjiv Sathiah
I have been tech-obsessed from the time my father introduced me to my first computer, an Apple ][. Since then, I have grown to enjoy exploring and experimenting with any computing platform that I can get my hands on – I am the definitive early adopter! I have always been interested in how we can use technology to shape and improve our lives, most recently using it to record, mix and master my debut record, Acuity – Nature | Nurture out now on Spotify.