Microsoft was very late in adding USB-C to its range of Surface laptops and PCs, and when the ports did eventually arrive, they disappointed many by not supporting Thunderbolt, which offers much faster data speeds and is more versatile overall.
Now the reason for this somewhat strange choice has been revealed in a Microsoft presentation, which explains that it is all about security.
Thunderbolt uses DMA (Direct Memory Access), which means the port can read and write directly to your device’s RAM without the OS or processor being involved. This offers great speed, but also means a malicious device could read any part of your RAM at will, including important items such as your BitLocker key and other encryption keys, or even inject malware which allows hackers to bypass the lock screen.
It is for the same reason, according to a Microsoft presenter, that all Surface products have soldered RAM, as attackers could use liquid nitrogen to preserve the state of a RAM chip without power, move the chip to an external RAM reader, and then get full unprotected access to your RAM, including encryption keys.
WalkingCat found the video presentation.
While it is obvious that these attack vectors are real, it is less obvious that the bulk of people need to worry about them and be limited by a security concern which affects very few people. If an attacker has physical access to your PC, it seems likely there are several other more obvious software attacks which would offer full access before breaking out the bottle of liquid nitrogen. This level of security may be more relevant to special computers offered to governments than to someone doing a spreadsheet at home.
Interestingly, with Windows 10 1803 Microsoft did introduce Kernel DMA Protection to protect PCs against drive-by Direct Memory Access (DMA) attacks using PCI hotplug devices connected to Thunderbolt 3 ports, meaning Microsoft will hopefully someday release a Surface with Thunderbolt 3.
Do our readers think Microsoft was being overly paranoid, or are they right?