by jonhohle 2226 days ago
As another commenter pointed out, public charging or borrowed chargers are an issue. Think airport charging kiosks/counters. Maybe power over data connectors isn’t the best idea (I enjoy single cable docking, but an extra, magnetic power cable wasn’t that much more work).

Borrowed chargers aren't the threat model here; these attacks involve an attacker opening up your machine and reading the contents of the TB3 controller's SPI flash.
That isn't entirely accurate. The ability to clone a given device state gives access to any system which has authorized that cloned device. A borrowed Thunderbolt device which is not the target machine may also be used to bypass security levels as a result. No need to open the laptop in that case. See sections 3.1.1 and 3.1.3 in the report.