Ever wondered why the Surface Pro 7 didn’t go with Thunderbolt 3 support when Microsoft finally introduced USB-C to its range of well-liked hybrids? Well, Microsoft does have a reason why all Surface devices don’t support Thunderbolt, and indeed why they have soldered RAM (which makes upgrading the memory impossible).
So what’s the explanation behind these key moves which have doubtless served to annoy some of the Surface user base?
The answer comes in the form of a video clip from Microsoft highlighted on Twitter by WalkingCat.
Surfaces don’t have Thunderbolt because its insecure 🙃 pic.twitter.com/lb7YYOOQ4YApril 25, 2020
As the clip explains, Microsoft doesn’t want the memory to be removable in order to avoid security risks that come with such a scenario. As the narrator explains, what you can ‘easily do is freeze the memory with liquid nitrogen’, and then use a memory reader to access data in memory, including Bitlocker recovery keys.
Now, doubtless there is a security risk here, but we don’t think there’s anything particularly ‘easy’ about going to the lengths of using liquid nitrogen in this manner – or that the average Surface user really needs to worry that they might be the target of such an attack.
And indeed, if an attacker has made off with your device, there are easier ways they can crack into it and get this data anyway, so it seems like an odd example all round.
The reason for the lack of Thunderbolt support is very much in a similar vein, namely that it represents a security risk in that it offers Direct Memory Access (DMA), or in other words, the possibility of an attacker using a specially prepared USB stick to access the contents of memory, and again the likes of Bitlocker keys.
So hence why Microsoft went USB-C, but left Thunderbolt 3 out of the equation for Surface products. However, as MS Poweruser, which spotted the tweet, points out, with Windows 10 April 2018 Update, Microsoft introduced Kernel DMA Protection to defend machines against the kind of DMA memory invasion described. So we might yet see Thunderbolt 3 support coming to future Surface devices (although we wouldn’t bank on it).
As you might imagine, there has been some cynicism in the reaction on Twitter, certainly when it comes to the soldered RAM. This includes folks pointing out that soldered memory is a cheaper (and space-saving) way for Microsoft to do things. And also that it brings in an element of planned obsolescence – in other words, being unable to upgrade the RAM means that the machine is slightly less future-proof.
Of course, it’s far from all bad news with the internals of contemporary Surface devices, and to Microsoft’s credit, it has made considerable progress with a number of these pieces of hardware in terms of making the SSD user-replaceable and using less glue (although the Surface Pro 7 sadly didn’t make any strides forward in this respect).