If you have a #Thunderbolt capable computer, read this:
Despite the fancy name, plugging in unknown devices is probably always going to be a huge risk & I honestly can't think of a scenario where you'd be plugging in something you found on the parking lot if you at all care about security.
Now there are of course risks such as having your charger secretly exchanged for a malicious one, but if the attacker is this determined, you probably need a whole new strategy.
Seeing the massive performance degradation that #Spectre & #Meltdown fixes could cause, (up to 30% in some workloads), am not even sure their current approach is wrong in the general case. It seems to be a case of performance vs maximum security, pick one.
So it may end up being the case that we'll need to think about security a lot more explicitly/manually ourselves when performing certain actions, rather than simply relying on the OS to somehow shield us. It seems logical to me that no matter how hard we try, once an attacker has physical access, there's little one can do to stop them.