Thunderbolt 3 Security at Issue due to Thunderclap Threat – Stay Protected with CalDigit

Security is a constant concern and most recently the USB-C Thunderbolt 3 port was the afflicted victim. During Microsoft’s announcement of their latest Surface Book 3 the team mentioned Thunderclap as the security flaw that prevented the Type-C port from appearing on their latest flagship notebook.

Thunderclap revealed that the Thunderbolt 3 port made the machines’ susceptible through the privilege given to direct-memory access (DMA). Granting this access allows your Thunderbolt 3 port to work with a gamut of peripherals, displays, eGPUs, you name it. This level of access is needed for some of the bandwidth heavy devices being attached to the host. For example, an eGPU will need deep access because it is supplementing or replacing a core host function. Unfortunately, this feature is being exploited by hackers to gain access to steal data, track files, or run malicious code.

Our team was aware of this issue six months ago when we were approached by the Apple team to take a look. We suggested updates to the kernel, and our tests revealed that this resolved many of the issues. Anyone that is concerned about Thunderclap should update to the latest MacOS immediately to allay their concerns.

Thunderclap should not be an issued if you have updated to Mac’s latest firmware. However, Thunderclap can still persist as a problem for Mac users running Linux or Windows on their machines. Windows is currently working on a firmware update to resolve the issue, and until then we recommend some due diligence. Be aware of what you are connecting to your dock, avoid suspicious hardware, and err on the side of caution.  

If you have any other questions and concerns, then feel free to reach out to our team in Placentia, CA. We are available via email, chat, and phone.

Share this article.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on email
Send Email

CalDigit News

Stay Connected.

Trending News

Press Contact
For all press inquiries, please contact:

Kosta Panagos
TEL:+44 (0) 1993 700 972
FAX:+44(0)845-611-8415
Email: kosta@caldigit.com

Considerate. Authentic. Design.

Designed in California

Stay in touch!

Join our mailing list to stay up to date!

Need some help?

Hours of Operation

Mon – Fri   9:00AM – 6:00PM

(PST, UTC/GMT –8)

Mon – Fri 8:30AM – 5:30PM  

(UTC/GMT 0)

Mon – Fri 9:00AM – 6:00PM

(UTC/GMT +9)

Mon – Fri 8:00AM – 5:00PM

(UTC/GMT +8)

CalDigit Support is ready to assist you.

For an optimal experience please have the following on hand prior to contacting support. 

  • Product Name
  • Serial Number
  • Operating System

Ready to chat?

Click the button to get started!

Need some help?

Send us an email! Our customer service representatives are patiently waiting!

+1 (714) 572 9889 Support@CalDigit.com

Mon – Fri   9:00AM – 6:00PM (PST, UTC/GMT –8)

Due to the ongoing COVID-19 epidemic and California’s statewide “Stay at home” order, CalDigit’s Sales and Support teams are working from home to ensure the safety of our employees. We do not expect any slowdown in responding to customers but please contact us via email and online chat rather than phone calls during this time for a faster response to your enquiries. Orders placed directly from CalDigit online stores can still be processed immediately.

+44 (0) 1993 700 972


EUSupport@CalDigit.com

Mon – Fri 8:30AM – 5:30PM  (UTC/GMT 0)

+81 (50) 3136 5168


Japan@CalDigit.com

Mon – Fri 9:00AM – 6:00PM (UTC/GMT +9)

+886 (2) 2226 0966


Asia@CalDigit.com

Mon – Fri 8:00AM – 5:00PM (UTC/GMT +8)

For an optimal experience please have your product name, serial number, and operating system on hand prior to contacting support.

ENTER TO WIN A TS3 PLUS!

To cheer up our followers during this difficult time we are giving away a CalDigit prize every week until the California Stay At Home ban is lifted.

To enter

– Leave a comment on the CalDigit Giveaway post
– Follow CalDigit on the platform you comment on

One person will be picked at random each week.

*Valid for US, EU, and Asia-Pacific regions

Cookie Graphic

This website uses cookies to improve your user experience. By continuing to browse this website, you are agreeing to our use of cookies. We encourage you to review our Privacy Policy.