Isn't that already the case? Current-gen Intel and AMD platforms have IOMMUs; Linux supports them. Linux and Windows support disabling DMA without disabling the rest of e.g. Firewire.
Thunderbolt exposes PCIe lanes, so you can pretty much attach any PCIe device that has drivers. If there are any drivers that do not use the IOMMU properly (just pass through everything?) then we're back to square one. And I don't think all drivers are IOMMU-aware.
The system should only hotplug devices/drivers with user approval.
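A concrete way to check the two conditions raised above on a Linux host, namely whether an IOMMU is actually attached and whether Thunderbolt PCIe tunnels require user approval before they are authorized. This is an added example, not code from any of the commenters. It reads the sysfs attributes the kernel exposes (`/sys/kernel/iommu_groups`, `/sys/bus/thunderbolt/devices/domain0/security`, and each device's `authorized` flag); the optional root-directory argument is an assumption added so the functions can be run against a constructed tree instead of the live system.

```shell
#!/bin/sh
# Added example (not from the thread). Inspects the sysfs attributes Linux
# exposes for IOMMU groups and Thunderbolt security. Every function takes an
# optional root directory ("" meaning the real /) so it can be exercised on a
# constructed tree; that parameter is an assumption of this example.

# 0 if at least one IOMMU group exists. Groups are only created when an IOMMU
# driver is attached, so this shows translation is on; it says nothing about
# whether individual drivers use it well, which is the concern in the thread.
iommu_active() {
  root="${1:-}"
  dir="$root/sys/kernel/iommu_groups"
  [ -d "$dir" ] || return 1
  for g in "$dir"/*; do
    [ -e "$g" ] && return 0
  done
  return 1
}

# Prints the Thunderbolt security level of domain0: none, user, secure,
# dponly, usbonly or nopcie. "none" means new devices are authorized
# automatically. Prints "absent" if the attribute does not exist.
tb_security_level() {
  root="${1:-}"
  f="$root/sys/bus/thunderbolt/devices/domain0/security"
  if [ -r "$f" ]; then cat "$f"; else echo absent; fi
}

# Prints the name of every Thunderbolt device that is attached but whose
# PCIe tunnel has not been authorized (authorized == 0), one per line.
tb_unauthorized_devices() {
  root="${1:-}"
  for d in "$root"/sys/bus/thunderbolt/devices/*/authorized; do
    [ -r "$d" ] || continue
    if [ "$(cat "$d")" = "0" ]; then
      basename "$(dirname "$d")"
    fi
  done
}

# 0 when the IOMMU is active AND the Thunderbolt domain either requires
# approval for PCIe tunnels (user/secure) or does not tunnel PCIe at all
# (dponly/usbonly/nopcie). Level "none" or a missing IOMMU fails the check.
dma_hotplug_guarded() {
  root="${1:-}"
  iommu_active "$root" || return 1
  case "$(tb_security_level "$root")" in
    user|secure|dponly|usbonly|nopcie) return 0 ;;
    *) return 1 ;;
  esac
}

# Stand-alone use: report on the live system.
if [ "${1:-}" = "--report" ]; then
  if iommu_active; then echo "IOMMU: active"; else echo "IOMMU: not active"; fi
  echo "Thunderbolt security level: $(tb_security_level)"
  echo "Unauthorized Thunderbolt devices:"
  tb_unauthorized_devices
  if dma_hotplug_guarded; then echo "Hotplug DMA: guarded"; else echo "Hotplug DMA: NOT guarded"; fi
fi
```

Run it with `--report` on a Linux host to see the three answers; a level of `none` together with a present IOMMU is the configuration the thread is worried about, since a newly plugged PCIe device gets a tunnel without anyone approving it.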
But is that remote DMA? Controller/driver-managed DMA transfers in the fashion of "shovel the next X incoming kilobytes to this memory range" are not the same as arbitrary writes to host memory initiated by a device.