Microsoft reportedly doesn’t use Thunderbolt 3 ports on its Surface line because of security concerns.
The detail came from a Surface engineering webinar leaked on Twitter by ‘WalkingCat’ (@h0x0d). In the webinar, a Microsoft employee explains all the engineering involved with the latest Surface laptops and tablets.
“No Surface device has Thunderbolt. Why not? Because that’s a direct memory access port,” the employee explained. The employee went on to say that someone with a “well-prepared stick” could insert it into the direct memory access port and gain access to the full device memory and all the data stored there.
“We don’t believe, at this moment, that Thunderbolt can deliver the security that’s really needed from the devices,” the employee said.
The Verge reports that it was able to verify the authenticity of the presentation. Further, the employee giving the presentation is a Surface technology specialist based in the Netherlands. The employee has worked for Microsoft for more than 10 years.
Surfaces don't have Thunderbolt because its insecure ? pic.twitter.com/lb7YYOOQ4Y
— WalkingCat (@h0x0d) April 25, 2020
Later in the presentation, the employee also explains that Microsoft chose not to include upgradeable RAM due to security concerns.
Essentially, if the RAM can be removed and upgraded, the Surface technology specialist says that someone could “freeze the memory with liquid nitrogen,” remove it, put it into a reader and access all the data loaded onto it.
While that may seem like a lot of effort to access the data of the average consumer, considering Microsoft’s focus is more on enterprise than consumers, such extreme security measures make more sense.
Microsoft told The Verge that is has nothing to share about the presentation. Despite the security concerns raised by the Microsoft employee, other laptop makers offer Thunderbolt 3 and user-upgradeable RAM. Further, Microsoft built kernel-level protection for Thunderbolt 3 into Windows 10, which makes the argument odder. The Verge suggests that Microsoft’s proprietary Surface Connector port has more to do with the lack of Thunderbolt 3 than security concerns.