Security is a constant concern and most recently the USB-C Thunderbolt 3 port was the afflicted victim. During Microsoft’s announcement of their latest Surface Book 3 the team mentioned Thunderclap as the security flaw that prevented the Type-C port from appearing on their latest flagship notebook.
Thunderclap revealed that the Thunderbolt 3 port made the machines’ susceptible through the privilege given to direct-memory access (DMA). Granting this access allows your Thunderbolt 3 port to work with a gamut of peripherals, displays, eGPUs, you name it. This level of access is needed for some of the bandwidth heavy devices being attached to the host. For example, an eGPU will need deep access because it is supplementing or replacing a core host function. Unfortunately, this feature is being exploited by hackers to gain access to steal data, track files, or run malicious code.
Our team was aware of this issue six months ago when we were approached by the Apple team to take a look. We suggested updates to the kernel, and our tests revealed that this resolved many of the issues. Anyone that is concerned about Thunderclap should update to the latest MacOS immediately to allay their concerns.
Thunderclap should not be an issued if you have updated to Mac’s latest firmware. However, Thunderclap can still persist as a problem for Mac users running Linux or Windows on their machines. Windows is currently working on a firmware update to resolve the issue, and until then we recommend some due diligence. Be aware of what you are connecting to your dock, avoid suspicious hardware, and err on the side of caution.
If you have any other questions and concerns, then feel free to reach out to our team in Placentia, CA. We are available via email, chat, and phone.